summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools
Commit message (Collapse)AuthorAgeFilesLines
* unfs3: Fix libtirpc usage for unfs3-native versionRichard Purdie2018-03-151-2/+2
| | | | | | (From OE-Core rev: 955c4855130ee01e20a9e7f5a76ffee75d77ebe3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* unfs3: Fix build with muslKhem Raj2018-03-152-3/+44
| | | | | | | | | | | Should also fix build on new build hosts where with glibc 2.27 rpc support is dropped in favor of libtirpc (From OE-Core rev: 62552a76b65b7ab5fa71b188537ae0582c3cbaea) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Remove patch causing ICE on x86_64 valgrind compileRichard Purdie2018-03-142-52/+0
| | | | | | | | | | | | | | | | | | | ../../valgrind-3.12.0/VEX/priv/host_ppc_isel.c: In function 'iselInt64Expr': | ../../valgrind-3.12.0/VEX/priv/host_ppc_isel.c:3270:1: internal compiler error: Segmentation fault | } | ^ | Please submit a full bug report, | with preprocessed source if appropriate. | See <http://gcc.gnu.org/bugs.html> for instructions. | rm -f libvexmultiarch-amd64-linux.a | Makefile:1813: recipe for target 'priv/libvex_amd64_linux_a-host_ppc_isel.o' failed Remove the patch to gcc causing this until the issue can be figured out. (From OE-Core rev: 67e99321233e6a2897a0de33f0b98cd89bc9d3dc) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc6: Backport few more patchesJuro Bystricky2018-03-1413-0/+7207
| | | | | | | | | | | | Backported series of patches from https://github.com/hjl-tools/gcc.git branch /hjl/indirect/gcc-6-branch/master which contains an IA patch series for security related issues (From OE-Core rev: 155936a8e5d29d26ef80333920a056f7c3211657) Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc6: enable FL_LPAE flag for armv7ve coresAndre McCurdy2018-03-142-0/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | The following commit added the FL_LPAE flag to FL_FOR_ARCH7VE, but neglected to also add it to the armv7ve compatible cores defined in arm-cores.def. https://github.com/gcc-mirror/gcc/commit/af2d9b9e58e8be576c53d94f30c48c68146b0c98 The result is that gcc 6.4 now refuses to allow -march=armv7ve and -mcpu=XXX to be used together, even when -mcpu is set to an armv7ve compatible core: arm-linux-gnueabi-gcc -march=armv7ve -mcpu=cortex-a7 -Werror ... error: switch -mcpu=cortex-a7 conflicts with -march=armv7ve switch [-Werror] Fix by defining flags for armv7ve compatible cores directly from FL_FOR_ARCH7VE, rather than re-creating the armv7ve flags independently by combining FL_FOR_ARCH7A with the armv7ve specific FL_THUMB_DIV and FL_ARM_DIV flags. (From OE-Core rev: 9923939703d918461d789712e14420a38ebf978b) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc6: Fix unaligned STRD issue on ARMKhem Raj2018-03-142-0/+195
| | | | | | | | | | | | | | Backport https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82445 Fixes [YOCTO 12297] (From OE-Core rev: 588382b586eb27ba4825d3bdc0d0a807e956cf24) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 568227133be3f9f015679df3525f6c4f86304fd0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc6: Upgrade to 6.4Khem Raj2018-03-1466-81/+24
| | | | | | | | | (From OE-Core rev: 02d2a14333b3cbc8e6acf74245f3db6b6b94c91b) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 7874fa86cb583fe6a178b95ead09430486197197) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Fix libssh_nonshared linker specs for ppc/muslKhem Raj2018-03-141-5/+50
| | | | | | | | | | | | | | | | | The change to link libssp_nonshared.a only for musl was to move spec file changes to config/linux.h under a conditional when DEFAULT_LIBC == LIBC_MUSL which worked fine for all but ppc since gcc for ppc provided its own linux.h overrides which are used. This patch duplicates the change in those headers too Cherry-picked from oe-core master 9d39168a6acfa1f289a4448271c0bf9caaea10ec (From OE-Core rev: 7d391a9e566a6ddc2970fc666a45570310bdc780) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Link libssp_nonshared.a only on musl targetsKhem Raj2018-03-143-29/+43
| | | | | | | | | | | | | | | | | | | | glibc already provides the content for libssp_nonshared in libc_nonshared.a therefore we dont need to make it universal. This also fixed build issues on glibc when linking statically and using -fstack-protector Fixed errors like /mnt/a/oe/build/tmp/work/i586-bec-linux/aufs-util/3.14+gitAUTOINC+bdfcc0dcfc-r0/recipe-sysroot/usr/lib/../lib/libc.a(stack_chk_fail.o): In function `__stack_chk_fail': /usr/src/debug/glibc/2.26-r0/git/debug/stack_chk_fail.c:27: multiple definition of `__stack_chk_fail_local' /mnt/a/oe/build/tmp/work/i586-bec-linux/aufs-util/3.14+gitAUTOINC+bdfcc0dcfc-r0/recipe-sysroot/usr/lib/../lib/libssp_nonshared.a(libssp_nonshared_la-ssp-local.o):/usr/src/debug/gcc-runtime/7.1.0-r0/gcc-7.1.0/build.i586-bec-linux.i586-bec-linux/i586-bec-linux/libssp/../../../../../../../../work-shared/gcc-7.1.0-r0/gcc-7.1.0/libssp/ssp-local.c:47: first defined here collect2: error: ld returned 1 exit status Cherry-picked from oe-core master d71eba26850838b2878efea3f8c392a2eb2ebbfb (From OE-Core rev: 27eaa97595cbac38a8bec118fe3d5f8920ab814e) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-runtime: Disable libitm on riscvKhem Raj2018-03-141-0/+2
| | | | | | | | | (From OE-Core rev: 5098e46cd7101bcc66dd579352292136b29d840b) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 21caa8bcda93ce67ef58548f7b85d0569d13d0b9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-6.3: Backport patch to fix ICE on ARMKhem Raj2018-03-142-0/+52
| | | | | | | | | | | | Fixes internal compiler error: Max. number of generated reload insns per insn is achieved (90) (From OE-Core rev: 7f5485d2b8f978964f1f932fd328c98d0a1872c0) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d2631f45a057c53797b7ba657662f35f66a2b04e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-6.3.inc: Use ucontext_t not struct ucontext.Juro Bystricky2018-03-142-0/+140
| | | | | | | | | | | | | | | | | | | | | | | Use ucontext_t not struct ucontext in linux-unwind.h files. Current glibc no longer gives the ucontext_t type the tag struct ucontext, to conform with POSIX namespace rules. This requires various linux-unwind.h files in libgcc, that were previously using struct ucontext, to be fixed to use ucontext_t instead. This is similar to the removal of the struct siginfo tag from siginfo_t some years ago. Backport of patches by Joseph Myers, taken from https://gcc.gnu.org/viewcvs/gcc?limit_changes=0&view=revision&revision=249957 [YOCTO #12083] (From OE-Core rev: 063f5558ef2040b6d2c34caa553ed09733fc6470) Signed-off-by: Juro Bystricky <juro.bystricky@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit ec1c18d866c137b1fa523d0fcc29f65a28f59f44) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Remove unused patchJussi Kukkonen2018-03-141-290/+0
| | | | | | | | | | | CVE-2016-4490 applied to gcc < 6.1.1, our version is 6.3 (From OE-Core rev: 869d7ddb30e5c522a3e7e200b0696340d37f5198) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d8329861bf6f48f6e541a04062b8d1f373dfcd78) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc: Fix CVE-2016-6131 in libibertyYuanjie Huang2018-03-144-0/+504
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NVD] -- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6131 The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types. [BZ #71696] -- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71696 2016-08-04 Marcel Böhme <boehme.marcel@gmail.com> PR c++/71696 * cplus-dem.c: Prevent infinite recursion when there is a cycle in the referencing of remembered mangled types. (work_stuff): New stack to keep track of the remembered mangled types that are currently being processed. (push_processed_type): New method to push currently processed remembered type onto the stack. (pop_processed_type): New method to pop currently processed remembered type from the stack. (work_stuff_copy_to_from): Copy values of new variables. (delete_non_B_K_work_stuff): Free stack memory. (demangle_args): Push/Pop currently processed remembered type. (do_type): Do not demangle a cyclic reference and push/pop referenced remembered type. cherry-picked from commit of git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@239143 138bc75d-0d04-0410-961f-82ee72b054a4 (From OE-Core rev: 3c288b181a4cfecc80b48994f4dd2df285e4d1d0) (From OE-Core rev: be00ad34a3827a4205718609f349bc6e8a09733b) Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 96a16c4181d18b8580dad243350d589586cb2b07) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-6: Add fix for missing no-PIE flagsStephen Arnold2018-03-142-0/+23
| | | | | | | | | | | | | | | | | | | Fixes build on hardened PAX host with gcc-5 (linker error on relocs). Completes no-PIE config by adding to ALL_* flags variables. Borrowed from Gentoo gcc patches, tested on 2 hardened amd64 hosts. Upstream-Status: Inappropriate [configuration] Commited by: Gentoo Toolchain Project <toolchain@gentoo.org> (From OE-Core rev: c178791cd78d5a9ebc4d7b7790e647a9bafe9cf2) (From OE-Core rev: e54f26a0dbfc8de22ce8326ac77d1097d13f6e2c) Signed-off-by: Stephen Arnold <stephen.arnold42@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit fcb236ea7cd1ac052719187fefed60ebf1a30ac8) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc-6: Sync gcc stddef.h with musl stddef.hKhem Raj2018-03-143-92/+92
| | | | | | | | | | | | | | | | GCC provides some of std* headers including stddef.h and it syncs with glibc definitions via __needed* defines to find which datatypes are expected to be defined on top of glibc. we need same for musl. Drop unused 0048-ARM-PR-target-71056-Don-t-use-vectorized-builtins-wh.patch (From OE-Core rev: 5c3cfa24e49cbea34c74009b91bf96e0f9a00a63) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 7da04721a620ad741ea50adf116e6b5afd47caa5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gcc6: Upgrade to 6.3.0Khem Raj2018-03-1463-5/+5
| | | | | | | | | | | | | 6.3.0 is a bugfix release in gcc 6 series Cherry-picked from oe-core master 36ffcd1d7d2ab9dcc91e9c09623a6613a248bc69 (From OE-Core rev: c24f6de26efdfb13b95e51b4531d1e111fab409c) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: update to 2.4.3Armin Kuster2018-03-042-356/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a segfault in arm64 multilib. Drop CVE-2017-14064.patch Additional CVE included are 2.4.3: CVE-2017-17405: Command injection vulnerability in Net::FTP Additional CVE included are 2.4.2: CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode CVE-2017-14064: Heap exposure in generating JSON Ruby Gems: DNS request hijacking vulnerability. (CVE-2017-0902) ANSI escape sequence vulnerability. (CVE-2017-0899) DoS vulnerability in the query command. (CVE-2017-0900) vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files. (CVE-2017-0901) (From OE-Core rev: 5bf664ba85c06d17c6e8c200301e42bc5fdab75e) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* pax-utils: update SRC_URIMaxin B. John2018-03-041-2/+1
| | | | | | | | | | | | The gentoo.osuosl.org mirror doesn't store all versions of pax-utils, so use the maintainers own mirror which stores them all. Fixes [YOCTO #11559] (From OE-Core rev: 2892e05c3c1655b97b983ad783ca57c680ab8acb) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: update to 2.4.0Alexander Kanavin2018-01-1415-437/+516
| | | | | | | | | | | | | | | | | Existing version of ruby-native (2.2.5) was crashing on my machine (and others' too), yet a functional ruby is necessary to upgrade webkit to a version that less vulnerable to Spectre. I've performed the update by copying the ruby recipe directory over from the current pyro tree; if you want to see the list of specific commits, issue this command: git log 99656fecf4fa6e24ba49ecb7f26f893e733818a0 meta/recipes-devtools/ruby (up to commit e593d3aeb2ea5f08d6e0753133fe89e345b339e8) (From OE-Core rev: 4734a4b41898e3df252b6234ed1270a915fd1f68) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python.inc: set CVE_PRODUCT to pythonMikko Rapeli2018-01-071-0/+2
| | | | | | | | | | | | | | | | All python versions are just python in NVD like this CVE for python 3.4.4: https://nvd.nist.gov/vuln/detail/CVE-2016-5699 (From OE-Core rev: 166ba306f2e7e18ad69e355c160739cb67814236) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 848e1be494e8ea10c729f95f02acb366e1843d75) Signed-off-by: Ruslan Ruslichenko <rruslich@cisco.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cmake: avoid configure failures if CFLAGS contains -Wstrict-prototypesAndre McCurdy2018-01-072-0/+43
| | | | | | | | | | (From OE-Core rev: 294b706d2b5d6732c8b05e6cf0300c62de1f909f) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 0c89b010ce2e426f55ac7c6f94befef988913834) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-15938Thiruvadi Rajaraman2018-01-072-0/+154
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 76766 Type: Security Fix Disposition: Backport from binutils master ChangeID: f080669b4e6f7c9088e30858238da5f4315192f3 Description: PR22209, invalid memory read in find_abstract_instance_name This patch adds bounds checking for DW_FORM_ref_addr die refs, and calculates them relative to the first .debug_info section. See the big comment for why calculating relative to the current .debug_info section was wrong for relocatable object files. PR 22209 * dwarf2.c (struct comp_unit): Delete sec_info_ptr field. (find_abstract_instance_name): Calculate DW_FORM_ref_addr relative to stash->info_ptr_memory, and check die_ref is within that memory. Set info_ptr_end correctly when another CU is refd. Check die_ref for DW_FORM_ref4 etc. is within CU. Affects: <= 2.29 (From OE-Core rev: 592f315516e602bd9a9bdc3d116771528cd433d1) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-15024Thiruvadi Rajaraman2018-01-072-0/+242
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 76524 Type: Security Fix Disposition: Backport from binutils master ChangeID: 5f22a66eabb228b655605b964ecd350aee700806 Description: PR22187, infinite loop in find_abstract_instance_name This patch prevents the simple case of infinite recursion in find_abstract_instance_name by ensuring that the attributes being processed are not the same as the previous call. The patch also does a little cleanup, and leaves in place some changes to the nested_funcs array that I made when I wrongly thought looping might occur in scan_unit_for_symbols. PR 22187 * dwarf2.c (find_abstract_instance_name): Add orig_info_ptr and pname param. Return status. Make name const. Don't abort, return an error. Formatting. Exit if current info_ptr matches orig_info_ptr. Update callers. (scan_unit_for_symbols): Start at nesting_level of zero. Make nested_funcs an array of structs for extensibility. Formatting. Affects: <= 2.29 (From OE-Core rev: 3e88bb5e933ebbf9c3445bac1814dc0ac105bf45) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-14729Thiruvadi Rajaraman2018-01-072-0/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 76278 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 05de8bcd22d8d0b54badcd3826cd370b3aed81de Description: x86: Guard against corrupted PLT There should be only one entry in PLT for a given symbol. Set howto to NULL after processing a PLT entry to guard against corrupted PLT so that the duplicated PLT entries are skipped. PR binutils/22170 Affects: <= 2.29 (From OE-Core rev: 51fc4c8d86bc7c567794305bcc08e5054e9e204a) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9955Thiruvadi Rajaraman2018-01-0710-0/+1061
| | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73893 Type: Security Fix Disposition: Backport from 'binutils-gdb.git/master' branch ChangeID: 94c3ef8c1fa2e84e84ad76fb45307848d98817c8 Description: PR 21665 : Fixed multiple heap based buffer overflow Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: a36978f0dd372ec836f63942f965652ca3716e3f) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9954Thiruvadi Rajaraman2018-01-072-0/+59
| | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73906 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 13858130a02bbe84744fd33ecbf2bbbd2360c09c Description: Fix address violation parsing a corrupt texhex format file. PR binutils/21670 * tekhex.c (getvalue): Check for the source pointer exceeding the end pointer before the first byte is read. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 162fce9416dcde1a0b7edfbf772fa6e6e18c46a4) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9745Thiruvadi Rajaraman2018-01-072-0/+63
| | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 74062 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 2ec9457275509bfd8dc9185fbdcd485192a82cca Description: Handle EITR records in VMS Alpha binaries with overlarge command length parameters. PR binutils/21579 * vms-alpha.c (_bfd_vms_slurp_etir): Extend check of cmd_length. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: f8542a9cf50c8001f675f68e42234c306d8ce1e7) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9756Thiruvadi Rajaraman2018-01-072-0/+44
| | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73919 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: bd4a354c2a1bd14e26232fc88a736950aa19403a Description: Prevent address violation problem when disassembling corrupt aarch64 binary. PR binutils/21595 * aarch64-dis.c (aarch64_ext_ldst_reglist): Check for an out of range value. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: f48d4c21673c16760c5a9ff51934127339234f85) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9755Thiruvadi Rajaraman2018-01-073-0/+163
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73932 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 49ad5f3244cd51ee6714c1b60cc1c3f84d7de7c8 Description: i386-dis: Add 2 tests with invalid bnd register PR binutils/21594 * testsuite/gas/i386/mpx.s: Add 2 tests with invalid bnd register. * testsuite/gas/i386/x86-64-mpx.s: Likewise. * testsuite/gas/i386/mpx.d: Updated. * testsuite/gas/i386/x86-64-mpx.d: Likewise. i386-dis: Check valid bnd register Since there are only 4 bnd registers, return "(bad)" for register number > 3. PR binutils/21594 * i386-dis.c (OP_E_register): Check valid bnd register. (OP_G): Likewise. Affects: <= 2.28 Author: H.J. Lu <hjl.tools@gmail.com> (From OE-Core rev: 98b66508f8b382f047d12df430b6e812a9336ab9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9753_and_CVE-2017-9754Thiruvadi Rajaraman2018-01-072-0/+77
| | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73958, 73945 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: a39fdc82900af3f5d6ae396c913ac902f4ef7f60 Description: Fix seg-faults in objdump when disassembling a corrupt versados binary. PR binutils/21591 * versados.c (versados_mkobject): Zero the allocated tdata structure. (process_otr): Check for an invalid offset in the otr structure. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 7d46daa5e580e841f83b9070b3c84e87d8fd1181) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9752Thiruvadi Rajaraman2018-01-072-0/+205
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73971 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: fe0e1d0f234ed157135818c24f4270c34e093828 Description: Fix potential address violations when processing a corrupt Alpha VMA binary. PR binutils/21589 * vms-alpha.c (_bfd_vms_get_value): Add an extra parameter - the maximum value for the ascic pointer. Check that name processing does not read beyond this value. (_bfd_vms_slurp_etir): Add checks for attempts to read beyond the end of etir record. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: ea89dfe868085b463dfc24df78b49d1703989484) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9750Thiruvadi Rajaraman2018-01-072-0/+263
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73997 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 36893e1db9214b4da972a1eeb482be34405f0410 Description: Fix address violation problems when disassembling a corrupt RX binary. PR binutils/21587 * rx-decode.opc: Include libiberty.h (GET_SCALE): New macro - validates access to SCALE array. (GET_PSCALE): New macro - validates access to PSCALE array. (DIs, SIs, S2Is, rx_disp): Use new macros. * rx-decode.c: Regenerate. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: d8996fd2bf72fa774202724864ef014592a16ece) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9747Thiruvadi Rajaraman2018-01-072-0/+41
| | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 74036 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: b25bffca0b51e9c13ba752534b64bd28a147a135 Description: Fix address violation parsing a corrupt ieee binary. PR binutils/21581 (ieee_archive_p): Use a static buffer to avoid compiler bugs. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: c12bb8d25b9af2df8cbff0a457c2d049efdf49d9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9748Thiruvadi Rajaraman2018-01-072-0/+46
| | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 74023 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: efff4d9ed538ff859ab5105a3594690e860d0779 Description: Avoid a possible compiler bug by using a static buffer instead of a stack local buffer. PR binutils/21582 * ieee.c (ieee_object_p): Use a static buffer to avoid compiler bugs. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: fe9fed67e2f62223626f6683b197bc3b55092d54) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9746Thiruvadi Rajaraman2018-01-072-0/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 74049 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 8dad195531894850a242ccf70990a963cf16f291 Description: Fix address violation when disassembling a corrupt binary. PR binutils/21580 binutils * objdump.c (disassemble_bytes): Check for buffer overrun when printing out rae insns. ld * testsuite/ld-nds32/diff.d: Adjust expected output. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 2a13567ea790d71a36eab0293f5a1918ef447e13) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9749Thiruvadi Rajaraman2018-01-072-0/+76
| | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 74010 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 5b89fbcab899af53585b61bd40724a38bff831d3 Description: Prevent invalid array accesses when disassembling a corrupt bfin binary. PR binutils/21586 * bfin-dis.c (gregs): Clip index to prevent overflow. (regs): Likewise. (regs_lo): Likewise. (regs_hi): Likewise. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 3306cbace5069e58bb62f31ec91ca805410bd949) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9751Thiruvadi Rajaraman2018-01-072-0/+3739
| | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 73984 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: b0488808caeeef072f9b00dd174c750da5e58b4b Description: Fix address violation when disassembling a corrupt RL78 binary. PR binutils/21588 * rl78-decode.opc (OP_BUF_LEN): Define. (GETBYTE): Check for the index exceeding OP_BUF_LEN. (rl78_decode_opcode): Use OP_BUF_LEN as the length of the op_buf array. * rl78-decode.c: Regenerate. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 40325ae2c4160fa99cebd5cef3f8df5063976076) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7299Thiruvadi Rajaraman2018-01-073-0/+169
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74257 Type: Security Fix Disposition: Backport from 'embedded-binutils-master' ChangeID: b55df05e3d3fd21bd30edaea124135892747b1ee Description: Linking non-ELF file broken by PR20908 fix PR ld/20968 PR ld/20908 * elflink.c (bfd_elf_final_link): Revert 2016-12-02 change. Move reloc counting code later after ELF flavour test. PR lf/20908 * elflink.c (bfd_elf_final_link): Check for ELF flavour binaries when following indirect links. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 020863d45d39a336723300138777583afb0b12c7) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8398Thiruvadi Rajaraman2018-01-072-0/+148
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74127 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 410078b468de6dc1c908342283a6abe5bdf38d54 Description: Fix heap-buffer overflow bugs caused when dumping debug information from a corrupt binary. PR binutils/21438 * dwarf.c (process_extended_line_op): Do not assume that the string extracted from the section is NUL terminated. (fetch_indirect_string): If the string retrieved from the section is not NUL terminated, return an error message. (fetch_indirect_line_string): Likewise. (fetch_indexed_string): Likewise. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 1e19e656a97caf61f26ab4f52339b9413d3bb29f) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8394Thiruvadi Rajaraman2018-01-073-0/+196
| | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74166 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: d614742d33a55da6cafede60cd171766afb0aa1d Description: PR 21414, null pointer deref of _bfd_elf_large_com_section sym PR 21414 * section.c (GLOBAL_SYM_INIT): Make available in bfd.h. * elf.c (lcomm_sym): New. (_bfd_elf_large_com_section): Use lcomm_sym section symbol. * bfd-in2.h: Regenerate. Affects: <= 2.29 Author: Alan Modra <amodra@gmail.com> (From OE-Core rev: 0d6e08ffc4760947653ad9368d594074d506f697) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8421Thiruvadi Rajaraman2018-01-072-0/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74140 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 5f6dd48c427de8663c5a80af6db44ce5c579d42c Description: Prevent memory exhaustion from a corrupt PE binary with an overlarge number of relocs. PR 21440 * objdump.c (dump_relocs_in_section): Check for an excessive number of relocs before attempting to dump them. Affects: <= 2.29 Author: Alan Modra <amodra@gmail.com> (From OE-Core rev: 09c642a70e2a12dcc01ffe45c333011a142c02a7) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8396Thiruvadi Rajaraman2018-01-072-0/+103
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74101 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: db47540066f83529439566f8621d6e35fe86b77c Description: buffer overflow in perform_relocation The existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. PR 21432 * reloc.c (reloc_offset_in_range): New function. (bfd_perform_relocation, bfd_install_relocation): Use it. (_bfd_final_link_relocate): Likewise. Affects: <= 2.29 Author: Alan Modra <amodra@gmail.com> (From OE-Core rev: e5aa4adaddbae184bbbb1c42f79c1deba931c72a) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Fix seg-fault in the linker when examining a corrupt binary.Manjunath S Matti2018-01-072-0/+56
| | | | | | | | | | | | | | | | | | | | | | | | | Source: https://sourceware.org/ MR: 74244 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=531336e3a0b79ed60cfc36ad2d6579b6a71175da ChangeID: 69cc8699fcb0655f3a48778e514552dfaea7229c Description: Fix seg-fault in the linker when examining a corrupt binary. PR ld/20909 * aoutx.h (aout_link_add_symbols): Fix off-by-one error in check for an illegal string offset. CVE: CVE-2017-7300 Affects: < 2.27-r0.9.1 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: c1b259c5fef13e1ecff9a68d82cde49c777ffa4d) Signed-off-by: Manjunath S Matti <mmatti@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8397Thiruvadi Rajaraman2018-01-072-0/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74114 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: d55e7590c08c4db483bba2fa35df8fbb6283686e Description: Fix a seg-fault when processing a corrupt binary containing reloc(s) with negative addresses. PR binutils/21434 * reloc.c (bfd_perform_relocation): Check for a negative address in the reloc. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 6dd9179c4208c8d13f7e9c784d9993606416ab97) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8395Thiruvadi Rajaraman2018-01-072-0/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74153 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 27dce214c561f9ae6f874990432f9d76a7de29d4 Description: Fix seg-fault attempting to compress a debug section in a corrupt binary. PR binutils/21431 * compress.c (bfd_init_section_compress_status): Check the return value from bfd_malloc. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: addac2e8f6f6132807a590a032a4292079542fbe) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8393Thiruvadi Rajaraman2018-01-072-0/+202
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74179 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 976156cd25454143883090ca42010c38c6d6af0f Description: PR 21412, get_reloc_section assumes .rel/.rela name for SHT_REL/RELA. This patch fixes an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. I'm also modifying the interface for elf_backend_get_reloc_section, so any backend function just needs to handle name mapping. Affects: <= 2.29 Author: Alan Modra <amodra@gmail.com> (From OE-Core rev: 24124406a2a1657b80ba2933bef40ccf798c8097) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7304Thiruvadi Rajaraman2018-01-072-0/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74192 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: 9a4c249becded1b479c0b9e9f175aebb80294317 Description: Fix seg-fault in strip when copying a corrupt binary. PR binutils/20931 * elf.c (copy_special_section_fields): Check for an invalid sh_link field before attempting to follow it. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: fcadfc35ebe90d3f0f3aa0db8caeddb5c07c3120) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7303Thiruvadi Rajaraman2018-01-072-0/+56
| | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74205 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: db5bfb63661d39846c3b03353e1383c621759d48 Description: Fix seg-fault attempting to strip a corrupt binary. PR binutils/20922 * elf.c (find_link): Check for null headers before attempting to match them. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: ef1a98976886560396a514458edb80a21f09b808) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7302Thiruvadi Rajaraman2018-01-072-0/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74218 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: 11677f4fb24c7a49efc23ea7d54de1bf85e74b12 Description: Fix seg-fault running strip on a corrupt binary. PR binutils/20921 * aoutx.h (squirt_out_relocs): Check for and report any relocs that could not be recognised. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: dbe4c78bee0ed36fc8789f1a13678be1b8c0bcf5) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>