summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-devtools/binutils/binutils-2.28.inc9
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-9955_1.patch168
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-9955_2.patch122
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-9955_3.patch48
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-9955_4.patch51
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-9955_5.patch89
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-9955_6.patch56
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-9955_7.patch80
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-9955_8.patch187
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-9955_9.patch361
10 files changed, 1171 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.28.inc b/meta/recipes-devtools/binutils/binutils-2.28.inc
index fe9059a514..1784c52ffa 100644
--- a/meta/recipes-devtools/binutils/binutils-2.28.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.28.inc
@@ -68,6 +68,15 @@ SRC_URI = "\
68 file://CVE-2017-9755.patch \ 68 file://CVE-2017-9755.patch \
69 file://CVE-2017-9756.patch \ 69 file://CVE-2017-9756.patch \
70 file://CVE-2017-9954.patch \ 70 file://CVE-2017-9954.patch \
71 file://CVE-2017-9955_1.patch \
72 file://CVE-2017-9955_2.patch \
73 file://CVE-2017-9955_3.patch \
74 file://CVE-2017-9955_4.patch \
75 file://CVE-2017-9955_5.patch \
76 file://CVE-2017-9955_6.patch \
77 file://CVE-2017-9955_7.patch \
78 file://CVE-2017-9955_8.patch \
79 file://CVE-2017-9955_9.patch \
71" 80"
72S = "${WORKDIR}/git" 81S = "${WORKDIR}/git"
73 82
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_1.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_1.patch
new file mode 100644
index 0000000000..774670fb0e
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_1.patch
@@ -0,0 +1,168 @@
1From cfd14a500e0485374596234de4db10e88ebc7618 Mon Sep 17 00:00:00 2001
2From: Nick Clifton <nickc@redhat.com>
3Date: Mon, 26 Jun 2017 15:25:08 +0100
4Subject: [PATCH] Fix address violations when atempting to parse fuzzed
5 binaries.
6
7 PR binutils/21665
8bfd * opncls.c (get_build_id): Check that the section is beig enough
9 to contain the whole note.
10 * compress.c (bfd_get_full_section_contents): Check for and reject
11 a section whoes size is greater than the size of the entire file.
12 * elf32-v850.c (v850_elf_copy_notes): Allow for the ouput to not
13 contain a notes section.
14
15binutils* objdump.c (disassemble_section): Skip any section that is bigger
16 than the entire file.
17
18Upstream-Status: Backport
19CVE: CVE-2017-9955 #1
20Signed-off-by: Armin Kuster <akuster@mvista.com>
21
22---
23 bfd/ChangeLog | 10 ++++++++++
24 bfd/compress.c | 6 ++++++
25 bfd/elf32-v850.c | 4 +++-
26 bfd/opncls.c | 18 ++++++++++++++++--
27 binutils/ChangeLog | 6 ++++++
28 binutils/objdump.c | 4 ++--
29 6 files changed, 43 insertions(+), 5 deletions(-)
30
31Index: git/bfd/compress.c
32===================================================================
33--- git.orig/bfd/compress.c
34+++ git/bfd/compress.c
35@@ -239,6 +239,12 @@ bfd_get_full_section_contents (bfd *abfd
36 *ptr = NULL;
37 return TRUE;
38 }
39+ else if (bfd_get_file_size (abfd) > 0
40+ && sz > (bfd_size_type) bfd_get_file_size (abfd))
41+ {
42+ *ptr = NULL;
43+ return FALSE;
44+ }
45
46 switch (sec->compress_status)
47 {
48Index: git/bfd/elf32-v850.c
49===================================================================
50--- git.orig/bfd/elf32-v850.c
51+++ git/bfd/elf32-v850.c
52@@ -2450,7 +2450,9 @@ v850_elf_copy_notes (bfd *ibfd, bfd *obf
53 BFD_ASSERT (bfd_malloc_and_get_section (ibfd, inotes, & icont));
54
55 if ((ocont = elf_section_data (onotes)->this_hdr.contents) == NULL)
56- BFD_ASSERT (bfd_malloc_and_get_section (obfd, onotes, & ocont));
57+ /* If the output is being stripped then it is possible for
58+ the notes section to disappear. In this case do nothing. */
59+ return;
60
61 /* Copy/overwrite notes from the input to the output. */
62 memcpy (ocont, icont, bfd_section_size (obfd, onotes));
63Index: git/bfd/opncls.c
64===================================================================
65--- git.orig/bfd/opncls.c
66+++ git/bfd/opncls.c
67@@ -1776,6 +1776,7 @@ get_build_id (bfd *abfd)
68 Elf_External_Note *enote;
69 bfd_byte *contents;
70 asection *sect;
71+ bfd_size_type size;
72
73 BFD_ASSERT (abfd);
74
75@@ -1790,8 +1791,9 @@ get_build_id (bfd *abfd)
76 return NULL;
77 }
78
79+ size = bfd_get_section_size (sect);
80 /* FIXME: Should we support smaller build-id notes ? */
81- if (bfd_get_section_size (sect) < 0x24)
82+ if (size < 0x24)
83 {
84 bfd_set_error (bfd_error_invalid_operation);
85 return NULL;
86@@ -1804,6 +1806,17 @@ get_build_id (bfd *abfd)
87 return NULL;
88 }
89
90+ /* FIXME: Paranoia - allow for compressed build-id sections.
91+ Maybe we should complain if this size is different from
92+ the one obtained above... */
93+ size = bfd_get_section_size (sect);
94+ if (size < sizeof (Elf_External_Note))
95+ {
96+ bfd_set_error (bfd_error_invalid_operation);
97+ free (contents);
98+ return NULL;
99+ }
100+
101 enote = (Elf_External_Note *) contents;
102 inote.type = H_GET_32 (abfd, enote->type);
103 inote.namesz = H_GET_32 (abfd, enote->namesz);
104@@ -1815,7 +1828,8 @@ get_build_id (bfd *abfd)
105 if (inote.descsz == 0
106 || inote.type != NT_GNU_BUILD_ID
107 || inote.namesz != 4 /* sizeof "GNU" */
108- || strcmp (inote.namedata, "GNU") != 0)
109+ || strncmp (inote.namedata, "GNU", 4) != 0
110+ || size < (12 + BFD_ALIGN (inote.namesz, 4) + inote.descsz))
111 {
112 free (contents);
113 bfd_set_error (bfd_error_invalid_operation);
114Index: git/binutils/objdump.c
115===================================================================
116--- git.orig/binutils/objdump.c
117+++ git/binutils/objdump.c
118@@ -2048,7 +2048,7 @@ disassemble_section (bfd *abfd, asection
119 return;
120
121 datasize = bfd_get_section_size (section);
122- if (datasize == 0)
123+ if (datasize == 0 || datasize >= (bfd_size_type) bfd_get_file_size (abfd))
124 return;
125
126 if (start_address == (bfd_vma) -1
127@@ -2912,7 +2912,7 @@ dump_target_specific (bfd *abfd)
128 static void
129 dump_section (bfd *abfd, asection *section, void *dummy ATTRIBUTE_UNUSED)
130 {
131- bfd_byte *data = 0;
132+ bfd_byte *data = NULL;
133 bfd_size_type datasize;
134 bfd_vma addr_offset;
135 bfd_vma start_offset;
136Index: git/bfd/ChangeLog
137===================================================================
138--- git.orig/bfd/ChangeLog
139+++ git/bfd/ChangeLog
140@@ -1,4 +1,14 @@
141 2017-06-26 Nick Clifton <nickc@redhat.com>
142+
143+ PR binutils/21665
144+ * opncls.c (get_build_id): Check that the section is beig enough
145+ to contain the whole note.
146+ * compress.c (bfd_get_full_section_contents): Check for and reject
147+ a section whoes size is greater than the size of the entire file.
148+ * elf32-v850.c (v850_elf_copy_notes): Allow for the ouput to not
149+ contain a notes section.
150+
151+2017-06-26 Nick Clifton <nickc@redhat.com>
152
153 PR binutils/21670
154 * tekhex.c (getvalue): Check for the source pointer exceeding the
155Index: git/binutils/ChangeLog
156===================================================================
157--- git.orig/binutils/ChangeLog
158+++ git/binutils/ChangeLog
159@@ -1,3 +1,9 @@
160+2017-06-26 Nick Clifton <nickc@redhat.com>
161+
162+ PR binutils/21665
163+ * objdump.c (disassemble_section): Skip any section that is bigger
164+ than the entire file.
165+
166 2017-04-03 Nick Clifton <nickc@redhat.com>
167
168 PR binutils/21345
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_2.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_2.patch
new file mode 100644
index 0000000000..f95295f183
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_2.patch
@@ -0,0 +1,122 @@
1From 0630b49c470ca2e3c3f74da4c7e4ff63440dd71f Mon Sep 17 00:00:00 2001
2From: "H.J. Lu" <hjl.tools@gmail.com>
3Date: Mon, 26 Jun 2017 09:24:49 -0700
4Subject: [PATCH] Check file size before getting section contents
5
6Don't check the section size in bfd_get_full_section_contents since
7the size of a decompressed section may be larger than the file size.
8Instead, check file size in _bfd_generic_get_section_contents.
9
10 PR binutils/21665
11 * compress.c (bfd_get_full_section_contents): Don't check the
12 file size here.
13 * libbfd.c (_bfd_generic_get_section_contents): Check for and
14 reject a section whoes size + offset is greater than the size
15 of the entire file.
16 (_bfd_generic_get_section_contents_in_window): Likewise.
17
18Upstream-Status: Backport
19CVE: CVE-2017-9955 #2
20Signed-off-by: Armin Kuster <akuster@mvista.com>
21
22---
23 bfd/ChangeLog | 10 +++++++++-
24 bfd/compress.c | 8 +-------
25 bfd/libbfd.c | 17 ++++++++++++++++-
26 3 files changed, 26 insertions(+), 9 deletions(-)
27
28Index: git/bfd/compress.c
29===================================================================
30--- git.orig/bfd/compress.c
31+++ git/bfd/compress.c
32@@ -239,12 +239,6 @@ bfd_get_full_section_contents (bfd *abfd
33 *ptr = NULL;
34 return TRUE;
35 }
36- else if (bfd_get_file_size (abfd) > 0
37- && sz > (bfd_size_type) bfd_get_file_size (abfd))
38- {
39- *ptr = NULL;
40- return FALSE;
41- }
42
43 switch (sec->compress_status)
44 {
45@@ -260,7 +254,7 @@ bfd_get_full_section_contents (bfd *abfd
46 /* xgettext:c-format */
47 (_("error: %B(%A) is too large (%#lx bytes)"),
48 abfd, sec, (long) sz);
49- return FALSE;
50+ return FALSE;
51 }
52 }
53
54Index: git/bfd/libbfd.c
55===================================================================
56--- git.orig/bfd/libbfd.c
57+++ git/bfd/libbfd.c
58@@ -780,6 +780,7 @@ _bfd_generic_get_section_contents (bfd *
59 bfd_size_type count)
60 {
61 bfd_size_type sz;
62+ file_ptr filesz;
63 if (count == 0)
64 return TRUE;
65
66@@ -802,8 +803,15 @@ _bfd_generic_get_section_contents (bfd *
67 sz = section->rawsize;
68 else
69 sz = section->size;
70+ filesz = bfd_get_file_size (abfd);
71+ if (filesz < 0)
72+ {
73+ /* This should never happen. */
74+ abort ();
75+ }
76 if (offset + count < count
77- || offset + count > sz)
78+ || offset + count > sz
79+ || (section->filepos + offset + sz) > (bfd_size_type) filesz)
80 {
81 bfd_set_error (bfd_error_invalid_operation);
82 return FALSE;
83@@ -826,6 +834,7 @@ _bfd_generic_get_section_contents_in_win
84 {
85 #ifdef USE_MMAP
86 bfd_size_type sz;
87+ file_ptr filesz;
88
89 if (count == 0)
90 return TRUE;
91@@ -858,7 +867,13 @@ _bfd_generic_get_section_contents_in_win
92 sz = section->rawsize;
93 else
94 sz = section->size;
95+ filesz = bfd_get_file_size (abfd);
96+ {
97+ /* This should never happen. */
98+ abort ();
99+ }
100 if (offset + count > sz
101+ || (section->filepos + offset + sz) > (bfd_size_type) filesz
102 || ! bfd_get_file_window (abfd, section->filepos + offset, count, w,
103 TRUE))
104 return FALSE;
105Index: git/bfd/ChangeLog
106===================================================================
107--- git.orig/bfd/ChangeLog
108+++ git/bfd/ChangeLog
109@@ -1,3 +1,13 @@
110+2017-06-26 H.J. Lu <hongjiu.lu@intel.com>
111+
112+ PR binutils/21665
113+ * compress.c (bfd_get_full_section_contents): Don't check the
114+ file size here.
115+ * libbfd.c (_bfd_generic_get_section_contents): Check for and
116+ reject a section whoes size + offset is greater than the size
117+ of the entire file.
118+ (_bfd_generic_get_section_contents_in_window): Likewise.
119+
120 2017-06-26 Nick Clifton <nickc@redhat.com>
121
122 PR binutils/21665
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_3.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_3.patch
new file mode 100644
index 0000000000..1b67c4e956
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_3.patch
@@ -0,0 +1,48 @@
1From 1f473e3d0ad285195934e6a077c7ed32afe66437 Mon Sep 17 00:00:00 2001
2From: "H.J. Lu" <hjl.tools@gmail.com>
3Date: Mon, 26 Jun 2017 15:47:16 -0700
4Subject: [PATCH] Add a missing line to
5 _bfd_generic_get_section_contents_in_window
6
7 PR binutils/21665
8 * libbfd.c (_bfd_generic_get_section_contents_in_window): Add
9 a missing line.
10
11Upstream-Status: Backport
12CVE: CVE-2017-9955 #3
13Signed-off-by: Armin Kuster <akuster@mvista.com>
14
15---
16 bfd/ChangeLog | 6 ++++++
17 bfd/libbfd.c | 1 +
18 2 files changed, 7 insertions(+)
19
20Index: git/bfd/libbfd.c
21===================================================================
22--- git.orig/bfd/libbfd.c
23+++ git/bfd/libbfd.c
24@@ -868,6 +868,7 @@ _bfd_generic_get_section_contents_in_win
25 else
26 sz = section->size;
27 filesz = bfd_get_file_size (abfd);
28+ if (filesz < 0)
29 {
30 /* This should never happen. */
31 abort ();
32Index: git/bfd/ChangeLog
33===================================================================
34--- git.orig/bfd/ChangeLog
35+++ git/bfd/ChangeLog
36@@ -1,6 +1,12 @@
37 2017-06-26 H.J. Lu <hongjiu.lu@intel.com>
38
39 PR binutils/21665
40+ * libbfd.c (_bfd_generic_get_section_contents_in_window): Add
41+ a missing line.
42+
43+2017-06-26 H.J. Lu <hongjiu.lu@intel.com>
44+
45+ PR binutils/21665
46 * compress.c (bfd_get_full_section_contents): Don't check the
47 file size here.
48 * libbfd.c (_bfd_generic_get_section_contents): Check for and
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_4.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_4.patch
new file mode 100644
index 0000000000..97d529a789
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_4.patch
@@ -0,0 +1,51 @@
1From ab27f80c5dceaa23c4ba7f62c0d5d22a5d5dd7a1 Mon Sep 17 00:00:00 2001
2From: Pedro Alves <palves@redhat.com>
3Date: Tue, 27 Jun 2017 00:21:25 +0100
4Subject: [PATCH] Fix GDB regressions caused by previous
5 bfd_get_section_contents changes
6
7Ref: https://sourceware.org/ml/binutils/2017-06/msg00343.html
8
9bfd/ChangeLog:
102017-06-26 Pedro Alves <palves@redhat.com>
11
12 PR binutils/21665
13 * libbfd.c (_bfd_generic_get_section_contents): Add "count", not
14 "sz".
15
16Upstream-Status: Backport
17CVE: CVE-2017-9955 #4
18Signed-off-by: Armin Kuster <akuster@mvista.com>
19
20---
21 bfd/ChangeLog | 6 ++++++
22 bfd/libbfd.c | 2 +-
23 2 files changed, 7 insertions(+), 1 deletion(-)
24
25Index: git/bfd/ChangeLog
26===================================================================
27--- git.orig/bfd/ChangeLog
28+++ git/bfd/ChangeLog
29@@ -1,3 +1,9 @@
30+2017-06-26 Pedro Alves <palves@redhat.com>
31+
32+ PR binutils/21665
33+ * libbfd.c (_bfd_generic_get_section_contents): Add "count", not
34+ "sz".
35+
36 2017-06-26 H.J. Lu <hongjiu.lu@intel.com>
37
38 PR binutils/21665
39Index: git/bfd/libbfd.c
40===================================================================
41--- git.orig/bfd/libbfd.c
42+++ git/bfd/libbfd.c
43@@ -811,7 +811,7 @@ _bfd_generic_get_section_contents (bfd *
44 }
45 if (offset + count < count
46 || offset + count > sz
47- || (section->filepos + offset + sz) > (bfd_size_type) filesz)
48+ || (section->filepos + offset + count) > (bfd_size_type) filesz)
49 {
50 bfd_set_error (bfd_error_invalid_operation);
51 return FALSE;
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_5.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_5.patch
new file mode 100644
index 0000000000..da3bd37e87
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_5.patch
@@ -0,0 +1,89 @@
1From 7211ae501eb0de1044983f2dfb00091a58fbd66c Mon Sep 17 00:00:00 2001
2From: Alan Modra <amodra@gmail.com>
3Date: Tue, 27 Jun 2017 09:45:04 +0930
4Subject: [PATCH] More fixes for bfd_get_section_contents change
5
6 PR binutils/21665
7 * libbfd.c (_bfd_generic_get_section_contents): Delete abort.
8 Use unsigned file pointer type, and remove cast.
9 * libbfd.c (_bfd_generic_get_section_contents_in_window): Likewise.
10 Add "count", not "sz".
11
12Upstream-Status: Backport
13CVE: CVE-2017-9955 #5
14Signed-off-by: Armin Kuster <akuster@mvista.com>
15
16---
17 bfd/ChangeLog | 8 ++++++++
18 bfd/libbfd.c | 18 ++++--------------
19 2 files changed, 12 insertions(+), 14 deletions(-)
20
21Index: git/bfd/ChangeLog
22===================================================================
23--- git.orig/bfd/ChangeLog
24+++ git/bfd/ChangeLog
25@@ -1,3 +1,11 @@
26+2017-06-27 Alan Modra <amodra@gmail.com>
27+
28+ PR binutils/21665
29+ * libbfd.c (_bfd_generic_get_section_contents): Delete abort.
30+ Use unsigned file pointer type, and remove cast.
31+ * libbfd.c (_bfd_generic_get_section_contents_in_window): Likewise.
32+ Add "count", not "sz".
33+
34 2017-06-26 Pedro Alves <palves@redhat.com>
35
36 PR binutils/21665
37Index: git/bfd/libbfd.c
38===================================================================
39--- git.orig/bfd/libbfd.c
40+++ git/bfd/libbfd.c
41@@ -780,7 +780,7 @@ _bfd_generic_get_section_contents (bfd *
42 bfd_size_type count)
43 {
44 bfd_size_type sz;
45- file_ptr filesz;
46+ ufile_ptr filesz;
47 if (count == 0)
48 return TRUE;
49
50@@ -804,14 +804,9 @@ _bfd_generic_get_section_contents (bfd *
51 else
52 sz = section->size;
53 filesz = bfd_get_file_size (abfd);
54- if (filesz < 0)
55- {
56- /* This should never happen. */
57- abort ();
58- }
59 if (offset + count < count
60 || offset + count > sz
61- || (section->filepos + offset + count) > (bfd_size_type) filesz)
62+ || section->filepos + offset + count > filesz)
63 {
64 bfd_set_error (bfd_error_invalid_operation);
65 return FALSE;
66@@ -834,7 +829,7 @@ _bfd_generic_get_section_contents_in_win
67 {
68 #ifdef USE_MMAP
69 bfd_size_type sz;
70- file_ptr filesz;
71+ ufile_ptr filesz;
72
73 if (count == 0)
74 return TRUE;
75@@ -868,13 +863,8 @@ _bfd_generic_get_section_contents_in_win
76 else
77 sz = section->size;
78 filesz = bfd_get_file_size (abfd);
79- if (filesz < 0)
80- {
81- /* This should never happen. */
82- abort ();
83- }
84 if (offset + count > sz
85- || (section->filepos + offset + sz) > (bfd_size_type) filesz
86+ || section->filepos + offset + count > filesz
87 || ! bfd_get_file_window (abfd, section->filepos + offset, count, w,
88 TRUE))
89 return FALSE;
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_6.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_6.patch
new file mode 100644
index 0000000000..e36429ad5b
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_6.patch
@@ -0,0 +1,56 @@
1From ea9aafc41a764e4e2dbb88a7b031e886b481b99a Mon Sep 17 00:00:00 2001
2From: Alan Modra <amodra@gmail.com>
3Date: Tue, 27 Jun 2017 14:43:49 +0930
4Subject: [PATCH] Warning fix
5
6 PR binutils/21665
7 * libbfd.c (_bfd_generic_get_section_contents): Warning fix.
8 (_bfd_generic_get_section_contents_in_window): Likewise.
9
10Upstream-Status: Backport
11CVE: CVE-2017-9955 #6
12Signed-off-by: Armin Kuster <akuster@mvista.com>
13
14---
15 bfd/ChangeLog | 12 +++++++++---
16 bfd/libbfd.c | 4 ++--
17 2 files changed, 11 insertions(+), 5 deletions(-)
18
19Index: git/bfd/libbfd.c
20===================================================================
21--- git.orig/bfd/libbfd.c
22+++ git/bfd/libbfd.c
23@@ -806,7 +806,7 @@ _bfd_generic_get_section_contents (bfd *
24 filesz = bfd_get_file_size (abfd);
25 if (offset + count < count
26 || offset + count > sz
27- || section->filepos + offset + count > filesz)
28+ || (ufile_ptr) section->filepos + offset + count > filesz)
29 {
30 bfd_set_error (bfd_error_invalid_operation);
31 return FALSE;
32@@ -864,7 +864,7 @@ _bfd_generic_get_section_contents_in_win
33 sz = section->size;
34 filesz = bfd_get_file_size (abfd);
35 if (offset + count > sz
36- || section->filepos + offset + count > filesz
37+ || (ufile_ptr) section->filepos + offset + count > filesz
38 || ! bfd_get_file_window (abfd, section->filepos + offset, count, w,
39 TRUE))
40 return FALSE;
41Index: git/bfd/ChangeLog
42===================================================================
43--- git.orig/bfd/ChangeLog
44+++ git/bfd/ChangeLog
45@@ -1,5 +1,11 @@
46 2017-06-27 Alan Modra <amodra@gmail.com>
47
48+ PR binutils/21665
49+ * libbfd.c (_bfd_generic_get_section_contents): Warning fix.
50+ (_bfd_generic_get_section_contents_in_window): Likewise.
51+
52+2017-06-27 Alan Modra <amodra@gmail.com>
53+
54 PR binutils/21665
55 * libbfd.c (_bfd_generic_get_section_contents): Delete abort.
56 Use unsigned file pointer type, and remove cast.
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_7.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_7.patch
new file mode 100644
index 0000000000..2cae63b4fc
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_7.patch
@@ -0,0 +1,80 @@
1From 60a02042bacf8d25814430080adda61ed086bca6 Mon Sep 17 00:00:00 2001
2From: Nick Clifton <nickc@redhat.com>
3Date: Fri, 30 Jun 2017 11:03:37 +0100
4Subject: [PATCH] Fix failures in MMIX linker tests introduced by fix for PR
5 21665.
6
7 PR binutils/21665
8 * objdump.c (disassemble_section): Move check for an overlarge
9 section to just before the allocation of memory. Do not check
10 section size against file size, but instead use an arbitrary 2Gb
11 limit. Issue a warning message if the section is too big.
12
13Upstream-Status: Backport
14CVE: CVE-2017-9955 #7
15Signed-off-by: Armin Kuster <akuster@mvista.com>
16
17---
18 binutils/ChangeLog | 8 ++++++++
19 binutils/objdump.c | 25 ++++++++++++++++++++++++-
20 2 files changed, 32 insertions(+), 1 deletion(-)
21
22Index: git/binutils/objdump.c
23===================================================================
24--- git.orig/binutils/objdump.c
25+++ git/binutils/objdump.c
26@@ -2048,7 +2048,7 @@ disassemble_section (bfd *abfd, asection
27 return;
28
29 datasize = bfd_get_section_size (section);
30- if (datasize == 0 || datasize >= (bfd_size_type) bfd_get_file_size (abfd))
31+ if (datasize == 0)
32 return;
33
34 if (start_address == (bfd_vma) -1
35@@ -2112,6 +2112,29 @@ disassemble_section (bfd *abfd, asection
36 }
37 rel_ppend = rel_pp + rel_count;
38
39+ /* PR 21665: Check for overlarge datasizes.
40+ Note - we used to check for "datasize > bfd_get_file_size (abfd)" but
41+ this fails when using compressed sections or compressed file formats
42+ (eg MMO, tekhex).
43+
44+ The call to xmalloc below will fail if too much memory is requested,
45+ which will catch the problem in the normal use case. But if a memory
46+ checker is in use, eg valgrind or sanitize, then an exception will
47+ be still generated, so we try to catch the problem first.
48+
49+ Unfortunately there is no simple way to determine how much memory can
50+ be allocated by calling xmalloc. So instead we use a simple, arbitrary
51+ limit of 2Gb. Hopefully this should be enough for most users. If
52+ someone does start trying to disassemble sections larger then 2Gb in
53+ size they will doubtless complain and we can increase the limit. */
54+#define MAX_XMALLOC (1024 * 1024 * 1024 * 2UL) /* 2Gb */
55+ if (datasize > MAX_XMALLOC)
56+ {
57+ non_fatal (_("Reading section %s failed because it is too big (%#lx)"),
58+ section->name, (unsigned long) datasize);
59+ return;
60+ }
61+
62 data = (bfd_byte *) xmalloc (datasize);
63
64 bfd_get_section_contents (abfd, section, data, 0, datasize);
65Index: git/binutils/ChangeLog
66===================================================================
67--- git.orig/binutils/ChangeLog
68+++ git/binutils/ChangeLog
69@@ -1,3 +1,11 @@
70+2017-06-30 Nick Clifton <nickc@redhat.com>
71+
72+ PR binutils/21665
73+ * objdump.c (disassemble_section): Move check for an overlarge
74+ section to just before the allocation of memory. Do not check
75+ section size against file size, but instead use an arbitrary 2Gb
76+ limit. Issue a warning message if the section is too big.
77+
78 2017-06-26 Nick Clifton <nickc@redhat.com>
79
80 PR binutils/21665
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_8.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_8.patch
new file mode 100644
index 0000000000..45dd974672
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_8.patch
@@ -0,0 +1,187 @@
1From bae7501e87ab614115d9d3213b4dd18d96e604db Mon Sep 17 00:00:00 2001
2From: Alan Modra <amodra@gmail.com>
3Date: Sat, 1 Jul 2017 21:58:10 +0930
4Subject: [PATCH] Use bfd_malloc_and_get_section
5
6It's nicer than xmalloc followed by bfd_get_section_contents, since
7xmalloc exits on failure and needs a check that its size_t arg doesn't
8lose high bits when converted from bfd_size_type.
9
10 PR binutils/21665
11 * objdump.c (strtab): Make var a bfd_byte*.
12 (disassemble_section): Don't limit malloc size. Instead, use
13 bfd_malloc_and_get_section.
14 (read_section_stabs): Use bfd_malloc_and_get_section. Return
15 bfd_byte*.
16 (find_stabs_section): Remove now unnecessary cast.
17 * objcopy.c (copy_object): Use bfd_malloc_and_get_section. Free
18 contents on error return.
19 * nlmconv.c (copy_sections): Use bfd_malloc_and_get_section.
20
21Upstream-Status: Backport
22CVE: CVE-2017-9955 #8
23Signed-off-by: Armin Kuster <akuster@mvista.com>
24
25---
26 binutils/ChangeLog | 13 +++++++++++++
27 binutils/nlmconv.c | 6 ++----
28 binutils/objcopy.c | 5 +++--
29 binutils/objdump.c | 44 +++++++-------------------------------------
30 4 files changed, 25 insertions(+), 43 deletions(-)
31
32Index: git/binutils/ChangeLog
33===================================================================
34--- git.orig/binutils/ChangeLog
35+++ git/binutils/ChangeLog
36@@ -1,3 +1,16 @@
37+2017-07-01 Alan Modra <amodra@gmail.com>
38+
39+ PR binutils/21665
40+ * objdump.c (strtab): Make var a bfd_byte*.
41+ (disassemble_section): Don't limit malloc size. Instead, use
42+ bfd_malloc_and_get_section.
43+ (read_section_stabs): Use bfd_malloc_and_get_section. Return
44+ bfd_byte*.
45+ (find_stabs_section): Remove now unnecessary cast.
46+ * objcopy.c (copy_object): Use bfd_malloc_and_get_section. Free
47+ contents on error return.
48+ * nlmconv.c (copy_sections): Use bfd_malloc_and_get_section.
49+
50 2017-06-30 Nick Clifton <nickc@redhat.com>
51
52 PR binutils/21665
53Index: git/binutils/nlmconv.c
54===================================================================
55--- git.orig/binutils/nlmconv.c
56+++ git/binutils/nlmconv.c
57@@ -1224,7 +1224,7 @@ copy_sections (bfd *inbfd, asection *ins
58 const char *inname;
59 asection *outsec;
60 bfd_size_type size;
61- void *contents;
62+ bfd_byte *contents;
63 long reloc_size;
64 bfd_byte buf[4];
65 bfd_size_type add;
66@@ -1240,9 +1240,7 @@ copy_sections (bfd *inbfd, asection *ins
67 contents = NULL;
68 else
69 {
70- contents = xmalloc (size);
71- if (! bfd_get_section_contents (inbfd, insec, contents,
72- (file_ptr) 0, size))
73+ if (!bfd_malloc_and_get_section (inbfd, insec, &contents))
74 bfd_fatal (bfd_get_filename (inbfd));
75 }
76
77Index: git/binutils/objdump.c
78===================================================================
79--- git.orig/binutils/objdump.c
80+++ git/binutils/objdump.c
81@@ -180,7 +180,7 @@ static long dynsymcount = 0;
82 static bfd_byte *stabs;
83 static bfd_size_type stab_size;
84
85-static char *strtab;
86+static bfd_byte *strtab;
87 static bfd_size_type stabstr_size;
88
89 static bfd_boolean is_relocatable = FALSE;
90@@ -2112,29 +2112,6 @@ disassemble_section (bfd *abfd, asection
91 }
92 rel_ppend = rel_pp + rel_count;
93
94- /* PR 21665: Check for overlarge datasizes.
95- Note - we used to check for "datasize > bfd_get_file_size (abfd)" but
96- this fails when using compressed sections or compressed file formats
97- (eg MMO, tekhex).
98-
99- The call to xmalloc below will fail if too much memory is requested,
100- which will catch the problem in the normal use case. But if a memory
101- checker is in use, eg valgrind or sanitize, then an exception will
102- be still generated, so we try to catch the problem first.
103-
104- Unfortunately there is no simple way to determine how much memory can
105- be allocated by calling xmalloc. So instead we use a simple, arbitrary
106- limit of 2Gb. Hopefully this should be enough for most users. If
107- someone does start trying to disassemble sections larger then 2Gb in
108- size they will doubtless complain and we can increase the limit. */
109-#define MAX_XMALLOC (1024 * 1024 * 1024 * 2UL) /* 2Gb */
110- if (datasize > MAX_XMALLOC)
111- {
112- non_fatal (_("Reading section %s failed because it is too big (%#lx)"),
113- section->name, (unsigned long) datasize);
114- return;
115- }
116-
117 data = (bfd_byte *) xmalloc (datasize);
118
119 bfd_get_section_contents (abfd, section, data, 0, datasize);
120@@ -2652,12 +2629,11 @@ dump_dwarf (bfd *abfd)
121 /* Read ABFD's stabs section STABSECT_NAME, and return a pointer to
122 it. Return NULL on failure. */
123
124-static char *
125+static bfd_byte *
126 read_section_stabs (bfd *abfd, const char *sect_name, bfd_size_type *size_ptr)
127 {
128 asection *stabsect;
129- bfd_size_type size;
130- char *contents;
131+ bfd_byte *contents;
132
133 stabsect = bfd_get_section_by_name (abfd, sect_name);
134 if (stabsect == NULL)
135@@ -2666,10 +2642,7 @@ read_section_stabs (bfd *abfd, const cha
136 return FALSE;
137 }
138
139- size = bfd_section_size (abfd, stabsect);
140- contents = (char *) xmalloc (size);
141-
142- if (! bfd_get_section_contents (abfd, stabsect, contents, 0, size))
143+ if (!bfd_malloc_and_get_section (abfd, stabsect, &contents))
144 {
145 non_fatal (_("reading %s section of %s failed: %s"),
146 sect_name, bfd_get_filename (abfd),
147@@ -2679,7 +2652,7 @@ read_section_stabs (bfd *abfd, const cha
148 return NULL;
149 }
150
151- *size_ptr = size;
152+ *size_ptr = bfd_section_size (abfd, stabsect);
153
154 return contents;
155 }
156@@ -2806,8 +2779,7 @@ find_stabs_section (bfd *abfd, asection
157
158 if (strtab)
159 {
160- stabs = (bfd_byte *) read_section_stabs (abfd, section->name,
161- &stab_size);
162+ stabs = read_section_stabs (abfd, section->name, &stab_size);
163 if (stabs)
164 print_section_stabs (abfd, section->name, &sought->string_offset);
165 }
166Index: git/binutils/objcopy.c
167===================================================================
168--- git.orig/binutils/objcopy.c
169+++ git/binutils/objcopy.c
170@@ -2186,14 +2186,15 @@ copy_object (bfd *ibfd, bfd *obfd, const
171 continue;
172 }
173
174- bfd_byte * contents = xmalloc (size);
175- if (bfd_get_section_contents (ibfd, sec, contents, 0, size))
176+ bfd_byte *contents;
177+ if (bfd_malloc_and_get_section (ibfd, sec, &contents))
178 {
179 if (fwrite (contents, 1, size, f) != size)
180 {
181 non_fatal (_("error writing section contents to %s (error: %s)"),
182 pdump->filename,
183 strerror (errno));
184+ free (contents);
185 return FALSE;
186 }
187 }
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_9.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_9.patch
new file mode 100644
index 0000000000..c6353d8ce0
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_9.patch
@@ -0,0 +1,361 @@
1From 8e2f54bcee7e3e8315d4a39a302eaf8e4389e07d Mon Sep 17 00:00:00 2001
2From: "H.J. Lu" <hjl.tools@gmail.com>
3Date: Tue, 30 May 2017 06:34:05 -0700
4Subject: [PATCH] Add bfd_get_file_size to get archive element size
5
6We can't use stat() to get archive element size. Add bfd_get_file_size
7to get size for both normal files and archive elements.
8
9bfd/
10
11 PR binutils/21519
12 * bfdio.c (bfd_get_file_size): New function.
13 * bfd-in2.h: Regenerated.
14
15binutils/
16
17 PR binutils/21519
18 * objdump.c (dump_relocs_in_section): Replace get_file_size
19 with bfd_get_file_size to get archive element size.
20 * testsuite/binutils-all/objdump.exp (test_objdump_f): New
21 proc.
22 (test_objdump_h): Likewise.
23 (test_objdump_t): Likewise.
24 (test_objdump_r): Likewise.
25 (test_objdump_s): Likewise.
26 Add objdump tests on archive.
27
28Upstream-Status: Backport
29CVE: CVE-2017-9955
30Signed-off-by: Armin Kuster <akuster@mvista.com>
31
32---
33 bfd/ChangeLog | 6 +
34 bfd/bfd-in2.h | 2 +
35 bfd/bfdio.c | 23 ++++
36 binutils/ChangeLog | 13 ++
37 binutils/objdump.c | 2 +-
38 binutils/testsuite/binutils-all/objdump.exp | 178 +++++++++++++++++++---------
39 6 files changed, 170 insertions(+), 54 deletions(-)
40
41Index: git/bfd/bfd-in2.h
42===================================================================
43--- git.orig/bfd/bfd-in2.h
44+++ git/bfd/bfd-in2.h
45@@ -1241,6 +1241,8 @@ long bfd_get_mtime (bfd *abfd);
46
47 file_ptr bfd_get_size (bfd *abfd);
48
49+file_ptr bfd_get_file_size (bfd *abfd);
50+
51 void *bfd_mmap (bfd *abfd, void *addr, bfd_size_type len,
52 int prot, int flags, file_ptr offset,
53 void **map_addr, bfd_size_type *map_len);
54Index: git/bfd/bfdio.c
55===================================================================
56--- git.orig/bfd/bfdio.c
57+++ git/bfd/bfdio.c
58@@ -434,6 +434,29 @@ bfd_get_size (bfd *abfd)
59 return buf.st_size;
60 }
61
62+/*
63+FUNCTION
64+ bfd_get_file_size
65+
66+SYNOPSIS
67+ file_ptr bfd_get_file_size (bfd *abfd);
68+
69+DESCRIPTION
70+ Return the file size (as read from file system) for the file
71+ associated with BFD @var{abfd}. It supports both normal files
72+ and archive elements.
73+
74+*/
75+
76+file_ptr
77+bfd_get_file_size (bfd *abfd)
78+{
79+ if (abfd->my_archive != NULL
80+ && !bfd_is_thin_archive (abfd->my_archive))
81+ return arelt_size (abfd);
82+
83+ return bfd_get_size (abfd);
84+}
85
86 /*
87 FUNCTION
88Index: git/binutils/objdump.c
89===================================================================
90--- git.orig/binutils/objdump.c
91+++ git/binutils/objdump.c
92@@ -3310,7 +3310,7 @@ dump_relocs_in_section (bfd *abfd,
93 }
94
95 if ((bfd_get_file_flags (abfd) & (BFD_IN_MEMORY | BFD_LINKER_CREATED)) == 0
96- && relsize > get_file_size (bfd_get_filename (abfd)))
97+ && relsize > bfd_get_file_size (abfd))
98 {
99 printf (" (too many: 0x%x)\n", section->reloc_count);
100 bfd_set_error (bfd_error_file_truncated);
101Index: git/binutils/testsuite/binutils-all/objdump.exp
102===================================================================
103--- git.orig/binutils/testsuite/binutils-all/objdump.exp
104+++ git/binutils/testsuite/binutils-all/objdump.exp
105@@ -64,96 +64,168 @@ if [regexp $want $got] then {
106 if {![binutils_assemble $srcdir/$subdir/bintest.s tmpdir/bintest.o]} then {
107 return
108 }
109+if {![binutils_assemble $srcdir/$subdir/bintest.s tmpdir/bintest2.o]} then {
110+ return
111+}
112 if [is_remote host] {
113 set testfile [remote_download host tmpdir/bintest.o]
114+ set testfile2 [remote_download host tmpdir/bintest2.o]
115 } else {
116 set testfile tmpdir/bintest.o
117+ set testfile2 tmpdir/bintest2.o
118+}
119+
120+if { ![istarget "alpha-*-*"] || [is_elf_format] } then {
121+ remote_file host file delete tmpdir/bintest.a
122+ set got [binutils_run $AR "rc tmpdir/bintest.a $testfile2"]
123+ if ![string match "" $got] then {
124+ fail "bintest.a"
125+ remote_file host delete tmpdir/bintest.a
126+ } else {
127+ if [is_remote host] {
128+ set testarchive [remote_download host tmpdir/bintest.a]
129+ } else {
130+ set testarchive tmpdir/bintest.a
131+ }
132+ }
133+ remote_file host delete tmpdir/bintest2.o
134 }
135
136 # Test objdump -f
137
138-set got [binutils_run $OBJDUMP "$OBJDUMPFLAGS -f $testfile"]
139+proc test_objdump_f { testfile dumpfile } {
140+ global OBJDUMP
141+ global OBJDUMPFLAGS
142+ global cpus_regex
143
144-set want "$testfile:\[ \]*file format.*architecture:\[ \]*${cpus_regex}.*HAS_RELOC.*HAS_SYMS"
145+ set got [binutils_run $OBJDUMP "$OBJDUMPFLAGS -f $testfile"]
146
147-if ![regexp $want $got] then {
148- fail "objdump -f"
149-} else {
150- pass "objdump -f"
151+ set want "$dumpfile:\[ \]*file format.*architecture:\[ \]*${cpus_regex}.*HAS_RELOC.*HAS_SYMS"
152+
153+ if ![regexp $want $got] then {
154+ fail "objdump -f ($testfile, $dumpfile)"
155+ } else {
156+ pass "objdump -f ($testfile, $dumpfile)"
157+ }
158+}
159+
160+test_objdump_f $testfile $testfile
161+if { [ remote_file host exists $testarchive ] } then {
162+ test_objdump_f $testarchive bintest2.o
163 }
164
165 # Test objdump -h
166
167-set got [binutils_run $OBJDUMP "$OBJDUMPFLAGS -h $testfile"]
168+proc test_objdump_h { testfile dumpfile } {
169+ global OBJDUMP
170+ global OBJDUMPFLAGS
171
172-set want "$testfile:\[ \]*file format.*Sections.*\[0-9\]+\[ \]+\[^ \]*(text|TEXT|P|\\\$CODE\\\$)\[^ \]*\[ \]*(\[0-9a-fA-F\]+).*\[0-9\]+\[ \]+\[^ \]*(\\.data|DATA|D_1)\[^ \]*\[ \]*(\[0-9a-fA-F\]+)"
173+ set got [binutils_run $OBJDUMP "$OBJDUMPFLAGS -h $testfile"]
174
175-if ![regexp $want $got all text_name text_size data_name data_size] then {
176- fail "objdump -h"
177-} else {
178- verbose "text name is $text_name size is $text_size"
179- verbose "data name is $data_name size is $data_size"
180- set ets 8
181- set eds 4
182- # The [ti]c4x target has the property sizeof(char)=sizeof(long)=1
183- if [istarget *c4x*-*-*] then {
184- set ets 2
185- set eds 1
186- }
187- # c54x section sizes are in bytes, not octets; adjust accordingly
188- if [istarget *c54x*-*-*] then {
189- set ets 4
190- set eds 2
191- }
192- if {[expr "0x$text_size"] < $ets || [expr "0x$data_size"] < $eds} then {
193- send_log "sizes too small\n"
194- fail "objdump -h"
195+ set want "$dumpfile:\[ \]*file format.*Sections.*\[0-9\]+\[ \]+\[^ \]*(text|TEXT|P|\\\$CODE\\\$)\[^ \]*\[ \]*(\[0-9a-fA-F\]+).*\[0-9\]+\[ \]+\[^ \]*(\\.data|DATA|D_1)\[^ \]*\[ \]*(\[0-9a-fA-F\]+)"
196+
197+ if ![regexp $want $got all text_name text_size data_name data_size] then {
198+ fail "objdump -h ($testfile, $dumpfile)"
199 } else {
200- pass "objdump -h"
201+ verbose "text name is $text_name size is $text_size"
202+ verbose "data name is $data_name size is $data_size"
203+ set ets 8
204+ set eds 4
205+ # The [ti]c4x target has the property sizeof(char)=sizeof(long)=1
206+ if [istarget *c4x*-*-*] then {
207+ set ets 2
208+ set eds 1
209+ }
210+ # c54x section sizes are in bytes, not octets; adjust accordingly
211+ if [istarget *c54x*-*-*] then {
212+ set ets 4
213+ set eds 2
214+ }
215+ if {[expr "0x$text_size"] < $ets || [expr "0x$data_size"] < $eds} then {
216+ send_log "sizes too small\n"
217+ fail "objdump -h ($testfile, $dumpfile)"
218+ } else {
219+ pass "objdump -h ($testfile, $dumpfile)"
220+ }
221 }
222 }
223
224+test_objdump_h $testfile $testfile
225+if { [ remote_file host exists $testarchive ] } then {
226+ test_objdump_h $testarchive bintest2.o
227+}
228+
229 # Test objdump -t
230
231-set got [binutils_run $OBJDUMP "$OBJDUMPFLAGS -t $testfile"]
232+proc test_objdump_t { testfile} {
233+ global OBJDUMP
234+ global OBJDUMPFLAGS
235+
236+ set got [binutils_run $OBJDUMP "$OBJDUMPFLAGS -t $testfile"]
237+
238+ if [info exists vars] then { unset vars }
239+ while {[regexp "(\[a-z\]*_symbol)(.*)" $got all symbol rest]} {
240+ set vars($symbol) 1
241+ set got $rest
242+ }
243
244-if [info exists vars] then { unset vars }
245-while {[regexp "(\[a-z\]*_symbol)(.*)" $got all symbol rest]} {
246- set vars($symbol) 1
247- set got $rest
248+ if {![info exists vars(text_symbol)] \
249+ || ![info exists vars(data_symbol)] \
250+ || ![info exists vars(common_symbol)] \
251+ || ![info exists vars(external_symbol)]} then {
252+ fail "objdump -t ($testfile)"
253+ } else {
254+ pass "objdump -t ($testfile)"
255+ }
256 }
257
258-if {![info exists vars(text_symbol)] \
259- || ![info exists vars(data_symbol)] \
260- || ![info exists vars(common_symbol)] \
261- || ![info exists vars(external_symbol)]} then {
262- fail "objdump -t"
263-} else {
264- pass "objdump -t"
265+test_objdump_t $testfile
266+if { [ remote_file host exists $testarchive ] } then {
267+ test_objdump_t $testarchive
268 }
269
270 # Test objdump -r
271
272-set got [binutils_run $OBJDUMP "$OBJDUMPFLAGS -r $testfile"]
273+proc test_objdump_r { testfile dumpfile } {
274+ global OBJDUMP
275+ global OBJDUMPFLAGS
276
277-set want "$testfile:\[ \]*file format.*RELOCATION RECORDS FOR \\\[\[^\]\]*(text|TEXT|P|\\\$CODE\\\$)\[^\]\]*\\\].*external_symbol"
278+ set got [binutils_run $OBJDUMP "$OBJDUMPFLAGS -r $testfile"]
279
280-if [regexp $want $got] then {
281- pass "objdump -r"
282-} else {
283- fail "objdump -r"
284+ set want "$dumpfile:\[ \]*file format.*RELOCATION RECORDS FOR \\\[\[^\]\]*(text|TEXT|P|\\\$CODE\\\$)\[^\]\]*\\\].*external_symbol"
285+
286+ if [regexp $want $got] then {
287+ pass "objdump -r ($testfile, $dumpfile)"
288+ } else {
289+ fail "objdump -r ($testfile, $dumpfile)"
290+ }
291+}
292+
293+test_objdump_r $testfile $testfile
294+if { [ remote_file host exists $testarchive ] } then {
295+ test_objdump_r $testarchive bintest2.o
296 }
297
298 # Test objdump -s
299
300-set got [binutils_run $OBJDUMP "$OBJDUMPFLAGS -s $testfile"]
301+proc test_objdump_s { testfile dumpfile } {
302+ global OBJDUMP
303+ global OBJDUMPFLAGS
304
305-set want "$testfile:\[ \]*file format.*Contents.*(text|TEXT|P|\\\$CODE\\\$)\[^0-9\]*\[ \]*\[0-9a-fA-F\]*\[ \]*(00000001|01000000|00000100).*Contents.*(data|DATA|D_1)\[^0-9\]*\[ \]*\[0-9a-fA-F\]*\[ \]*(00000002|02000000|00000200)"
306+ set got [binutils_run $OBJDUMP "$OBJDUMPFLAGS -s $testfile"]
307
308-if [regexp $want $got] then {
309- pass "objdump -s"
310-} else {
311- fail "objdump -s"
312+ set want "$dumpfile:\[ \]*file format.*Contents.*(text|TEXT|P|\\\$CODE\\\$)\[^0-9\]*\[ \]*\[0-9a-fA-F\]*\[ \]*(00000001|01000000|00000100).*Contents.*(data|DATA|D_1)\[^0-9\]*\[ \]*\[0-9a-fA-F\]*\[ \]*(00000002|02000000|00000200)"
313+
314+ if [regexp $want $got] then {
315+ pass "objdump -s ($testfile, $dumpfile)"
316+ } else {
317+ fail "objdump -s ($testfile, $dumpfile)"
318+ }
319+}
320+
321+test_objdump_s $testfile $testfile
322+if { [ remote_file host exists $testarchive ] } then {
323+ test_objdump_s $testarchive bintest2.o
324 }
325
326 # Test objdump -s on a file that contains a compressed .debug section
327Index: git/bfd/ChangeLog
328===================================================================
329--- git.orig/bfd/ChangeLog
330+++ git/bfd/ChangeLog
331@@ -1,3 +1,9 @@
332+2017-05-30 H.J. Lu <hongjiu.lu@intel.com>
333+
334+ PR binutils/21519
335+ * bfdio.c (bfd_get_file_size): New function.
336+ * bfd-in2.h: Regenerated.
337+
338 2017-06-27 Alan Modra <amodra@gmail.com>
339
340 PR binutils/21665
341Index: git/binutils/ChangeLog
342===================================================================
343--- git.orig/binutils/ChangeLog
344+++ git/binutils/ChangeLog
345@@ -1,3 +1,16 @@
346+2017-05-30 H.J. Lu <hongjiu.lu@intel.com>
347+
348+ PR binutils/21519
349+ * objdump.c (dump_relocs_in_section): Replace get_file_size
350+ with bfd_get_file_size to get archive element size.
351+ * testsuite/binutils-all/objdump.exp (test_objdump_f): New
352+ proc.
353+ (test_objdump_h): Likewise.
354+ (test_objdump_t): Likewise.
355+ (test_objdump_r): Likewise.
356+ (test_objdump_s): Likewise.
357+ Add objdump tests on archive.
358+
359 2017-07-01 Alan Modra <amodra@gmail.com>
360
361 PR binutils/21665