summaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
...
* image: Expand PV to avoid AUTOREV parsing failuresRichard Purdie2018-01-201-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, setting PV to include SRCPV for build-appliance results in: bb.data_smart.ExpansionError: Failure expanding variable SRCPV, expression was ${@bb.fetch2.get_srcrev(d)} which triggered exception FetchError: Fetcher failure: Fetch command export ftp_proxy="http://proxy.yocto.io:5187/"; export FTP_PROXY="http://proxy.yocto.io:5187/"; export PATH="${TMPDIR}/work/ qemux86_64-poky-linux/build-appliance-image/fetcheravoidrecurse-r0/ recipe-sysroot-native/usr/bin/python3-native:${TMPDIR}/work/ qemux86_64-poky-linux/build-appliance-image/fetcheravoidrecurse-r0/ recipe-sysroot-native/usr/bin/python3-native:${TMPDIR}/work/ qemux86_64-poky-linux/build-appliance-image/fetcheravoidrecurse-r0/ recipe-sysroot-native/usr/bin/python3-native:/home/pokybuild/ yocto-autobuilder/yocto-worker/buildtools/build/scripts:${TMPDIR}/ work/qemux86_64-poky-linux/build-appliance-image/fetcheravoidrecurse-r0/ recipe-sysroot-native/usr/bin/x86_64-poky-linux:${TMPDIR}/work/ qemux86_64-poky-linux/build-appliance-image/fetcheravoidrecurse-r0/ recipe-sysroot/usr/bin/crossscripts:${TMPDIR}/work/qemux86_64-poky-linux/ build-appliance-image/fetcheravoidrecurse-r0/recipe-sysroot-native/usr/sbin: ${TMPDIR}/work/qemux86_64-poky-linux/build-appliance-image/ fetcheravoidrecurse-r0/recipe-sysroot-native/usr/bin:${TMPDIR}/work/ qemux86_64-poky-linux/build-appliance-image/fetcheravoidrecurse-r0/ recipe-sysroot-native/sbin:${TMPDIR}/work/qemux86_64-poky-linux/ build-appliance-image/fetcheravoidrecurse-r0/recipe-sysroot-native/bin:/home/ pokybuild/yocto-autobuilder/yocto-worker/buildtools/build/bitbake/bin:${TMPDIR} /hosttools"; export HOME="/home/pokybuild"; git -c core.fsyncobjectfiles=0 ls-remote git://git.yoctoproject.org/poky failed with exit code 127, output: /bin/sh: 1: git: not found This is because PV is being expanded when TMPDIR is unset. Expand PV in advance to avoid this problem. (From OE-Core rev: 9ce26c121f52d5194732be34f93e86128e1fdeaf) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libunwind: Disable documentation explicitlyRichard Purdie2018-01-141-0/+1
| | | | | | | | | | We don't have latex2man in HOSTTOOLs so documentaion is never built but this dependency does cause problems on older releases like morty, pre-HOSTTOOLS. Document the configuration explicitly in master. (From OE-Core rev: 7e4ac608a2ac077c68e178fd1519c8e98403cff3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* webkitgtk: update to 2.18.5 (includes Spectre mitigations; see commit ↵Alexander Kanavin2018-01-1414-357/+377
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | description) This is the only available stable version with mitigation fixes for Spectre. Webkit upstream developers do not port CVE fixes to earlier stable series, no exception was made in this case. More information: https://webkit.org/blog/8048/what-spectre-and-meltdown-mean-for-webkit/ https://webkitgtk.org/security/WSA-2018-0001.html https://webkitgtk.org/2018/01/10/webkitgtk2.18.5-released.html This commit also contains the following commits added in master branch after morty release: webkitgtk: update to 2.14.1 Rebase 0001-WebKitMacros-Append-to-I-and-not-to-isystem.patch (From OE-Core rev: a44d50c827b5180ff901d31c443ea02e100b10d5) (From OE-Core rev: 22f686cd6b818d27571bd42060246851cc2e093a) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkit: Reduce duplication in MIPS variants. Reduce duplication in MIPS variants now that the MACHINEOVERRIDES variable is defined (From OE-Core rev: f76d972aff47412a2cbd2d47134d66046cfe574a) Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: drop patch 0001-WebKitMacros-Append-to-I-and-not-to-isystem.patch * This patch is not longer needed. Upstream has fixed this issue in: https://trac.webkit.org/changeset/205672 which is already included in WebKitGTK+ >= 2.14.0 (From OE-Core rev: 812c52f654c1bccca033163100055e3a8b8cda6e) Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Add an option to disable opengl support (From OE-Core rev: 04e17727a3d1b52f6f93078fd16c6c7c9ba2b0d4) Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Use MIPS MACHINE_OVERRIDES The mipsarch* MACHINE_OVERRIDES can be used to pass the same parameters to MIPS pre-R2 and R6 ISA variants. Use them to reduce duplication in supporting MIPS R6 ISA. (From OE-Core rev: 8369b3568828b1dcff0f3a061a18367f018ac447) Signed-off-by: Zubair Lutfullah Kakakhel <Zubair.Kakakhel@imgtec.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: update to 2.14.2 (From OE-Core rev: ccce954f7f0b24390ce36460cf05499c8169ed10) Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === Revert "webkitgtk: drop patch 0001-WebKitMacros-Append-to-I-and-not-to-isystem.patch" This reverts commit 812c52f654c1bccca033163100055e3a8b8cda6e. Upstream fixed the issue with GCC. But the build still fails with Clang. Therefore reintroduce this patch until a better solution is found. Upstream bug: https://bugs.webkit.org/show_bug.cgi?id=161697 (From OE-Core rev: 39be43943e3de0eb0ab9b61b405f3b76f12a307d) Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Fix atomic detection on arm architecture (From OE-Core rev: a77fc49defcf3a30a8f026cfdbd56565750f5a61) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: patch & disable JIT for x32 It might not be speedy, but it does build now. (From OE-Core rev: 79f7e215ee7c176f02efafe7359aaa77dbd9430c) Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: add missing python-native dep Since we can't inherit pythonnative, we need this dep explicitly. (From OE-Core rev: 63530f59e43738bac081aaf3c89ec57006038dce) Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: update to 2.14.5 Remove a reference to WebKit/LICENSE, as the directory is not there anymore (and the LICENSE file in it hasn't been moved somewhere else) - it was a relic of webkit 1.x era. (From OE-Core rev: 10331f42acfa5dc429198b7c025cc2360511e534) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Fix build on aarch64 Do not try to do runtime tests during cross compile Fixes | CMake Error at Source/cmake/OptionsCommon.cmake:73 (math): | math cannot parse the expression: "-1": syntax error, unexpected exp_MINUS, | expecting exp_OPENPARENT or exp_NUMBER (1) (From OE-Core rev: 528006009dddd876a830e0a8f248658182a37f37) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Upgrade to 2.16.1 Fix build with gcc7 Move all patches to webkit folder Drop patches that were backports or have been upstreamed (From OE-Core rev: bfbdd1a2069f199be9ba0909dd512469ff17b65e) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: remove native python dependency Using host python seems to be fine. (From OE-Core rev: 7cf80640f53bd8faa4874c2dad5f630a935475f6) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Fix build for armv5 Detect atomics during configure (From OE-Core rev: 424ffbde2111130137e307eb9e598ad50451c865) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Upgrade to 2.16.3 Use bfd linker on ppc, this is because gold fails to link webkit libraries when PIE is enabled (From OE-Core rev: 8808d4b13a946499bc6e84a1be15f53d8ab3f673) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Upgrade to 2.16.5 Adjust some dependencies: libgcrypt is now required (instead of gnutls) and the following build deps where missing: gettext-native, glib-2.0 and glib-2.0-native. Also the CMake argument ENABLE_CREDENTIAL_STORAGE has been renamed to USE_LIBSECRET. This new upstream release (2.16.4 actually) includes security fixes for CVE: CVE-2017-2538 (From OE-Core rev: ef68005a8c527e9b1d05b7769f0ec8ebe9ec3f91) Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: update to 2.16.6 (From OE-Core rev: 198ccdbefa481f725492b5d8834213fe26431be5) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Do not use -isystem forcibly this causes include_next <stdlib.h> to not find this header since -isystem <sysroot> is added via cmake, we alrady are using --sysroot so rely on that (From OE-Core rev: a0f2d1389a7e76b64003fea391a0cd485ff5fe77) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: Add a recommends on shared-mime-info. * without this package installed any WebKitGTK+ based browser will fail to correctly open html files (and other files) from disk (file:// URIs). It will open them as plain txt files. (From OE-Core rev: b708cb53b46d9d82a7853bcd0f25ef6bc417bd10) Signed-off-by: Carlos Alberto Lopez Perez <clopez@igalia.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: disable gobject-introspection on armv7a Disable gobject-introspection on armv7a and armv7ve to avoid do_compile failure: | qemu: uncaught target signal 11 (Segmentation fault) - core dumped | Segmentation fault (From OE-Core rev: bdddd81c8b4eab6bbf7a8697992b48cb5a30ae4a) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> === webkitgtk: update to 2.18.3 gcc7.patch, musl-fixes.patch, and ppc-musl-fix.patch all change code that is no longer present in upstream tree. However, a patch with different musl fixes has been added. The rest of the patches are rebased to the new tree. Libtasn is a new dependency. Disable Gstreamer GL support on x86 due to clashing headers problem. (From OE-Core rev: 3acae2dcd130122fe76504ec855af78db829d6ec) === webkitgtk: fix build with musl and x32 Make the x32 check generic to make it work with musl as well. Fixes [YOCTO #12118] (From OE-Core rev: dbd604ccf34e304769937b15051c047561de47f7) === Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: update to 2.4.0Alexander Kanavin2018-01-1415-437/+516
| | | | | | | | | | | | | | | | | Existing version of ruby-native (2.2.5) was crashing on my machine (and others' too), yet a functional ruby is necessary to upgrade webkit to a version that less vulnerable to Spectre. I've performed the update by copying the ruby recipe directory over from the current pyro tree; if you want to see the list of specific commits, issue this command: git log 99656fecf4fa6e24ba49ecb7f26f893e733818a0 meta/recipes-devtools/ruby (up to commit e593d3aeb2ea5f08d6e0753133fe89e345b339e8) (From OE-Core rev: 4734a4b41898e3df252b6234ed1270a915fd1f68) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glib.inc: set CVE_PRODUCT to glibMikko Rapeli2018-01-071-0/+2
| | | | | | | | | | | | | | | NVD uses product glib and vendor gnome for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2016-6855 (From OE-Core rev: 4d4d07650d600fcb8fb1de8592494c3a9e4189ce) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 69d6342d45316389afb4b062088919689db0a6dd) Signed-off-by: Ruslan Ruslichenko <rruslich@cisco.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* glibc-common.inc: set CVE_PRODUCT to glibcMikko Rapeli2018-01-071-0/+1
| | | | | | | | | | | | | All recipes which include this .inc map to glibc NVD component. (From OE-Core rev: 221266dcf1f8825b5e4cf397d67cf535facca7e7) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 613a13725db4e05539974cc7c66584a287d7b4bd) Signed-off-by: Ruslan Ruslichenko <rruslich@cisco.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* sqlite3.inc: set CVE_PRODUCT to sqliteMikko Rapeli2018-01-071-0/+2
| | | | | | | | | | | | | | | It is used in NVD for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2016-6153 (From OE-Core rev: c717da006b2f12c5ec4bcdc6bdbcb4d1098829a5) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit cec6f26f4d2f16c9a58fac5a6344e3d43b36ed09) Signed-off-by: Ruslan Ruslichenko <rruslich@cisco.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python.inc: set CVE_PRODUCT to pythonMikko Rapeli2018-01-071-0/+2
| | | | | | | | | | | | | | | | All python versions are just python in NVD like this CVE for python 3.4.4: https://nvd.nist.gov/vuln/detail/CVE-2016-5699 (From OE-Core rev: 166ba306f2e7e18ad69e355c160739cb67814236) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 848e1be494e8ea10c729f95f02acb366e1843d75) Signed-off-by: Ruslan Ruslichenko <rruslich@cisco.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* icu.inc: set CVE_PRODUCT to international_components_for_unicodeMikko Rapeli2018-01-071-0/+2
| | | | | | | | | | | | | | | NVD uses it for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2014-8146 (From OE-Core rev: de11341de3fc073f4aad91746a398168d1833333) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit eaac39100cadc81c89e6eb5ab389cd684699aa90) Signed-off-by: Ruslan Ruslichenko <rruslich@cisco.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5.inc: set CVE_PRODUCT to bluezMikko Rapeli2018-01-071-0/+2
| | | | | | | | | | | | | | | bluez is the product name in NVD database for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2016-7837 (From OE-Core rev: 3ca903e5305ad2236ecf763e241a26f4df18e278) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit aade84aa54bb2f958572623ed6464184efd19862) Signed-off-by: Ruslan Ruslichenko <rruslich@cisco.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* acpid.inc: set CVE_PRODUCT to acpid2Mikko Rapeli2018-01-071-0/+2
| | | | | | | | | | | | | | | It is used in NVD database for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2011-4578 (From OE-Core rev: 03225f76dd255ae2f70d0ebdece62be284f2a090) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 966052df79df0f68565ebc40887170322d3f85b8) Signed-off-by: Ruslan Ruslichenko <rruslich@cisco.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cmake: avoid configure failures if CFLAGS contains -Wstrict-prototypesAndre McCurdy2018-01-072-0/+43
| | | | | | | | | | (From OE-Core rev: 294b706d2b5d6732c8b05e6cf0300c62de1f909f) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 0c89b010ce2e426f55ac7c6f94befef988913834) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-15938Thiruvadi Rajaraman2018-01-072-0/+154
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 76766 Type: Security Fix Disposition: Backport from binutils master ChangeID: f080669b4e6f7c9088e30858238da5f4315192f3 Description: PR22209, invalid memory read in find_abstract_instance_name This patch adds bounds checking for DW_FORM_ref_addr die refs, and calculates them relative to the first .debug_info section. See the big comment for why calculating relative to the current .debug_info section was wrong for relocatable object files. PR 22209 * dwarf2.c (struct comp_unit): Delete sec_info_ptr field. (find_abstract_instance_name): Calculate DW_FORM_ref_addr relative to stash->info_ptr_memory, and check die_ref is within that memory. Set info_ptr_end correctly when another CU is refd. Check die_ref for DW_FORM_ref4 etc. is within CU. Affects: <= 2.29 (From OE-Core rev: 592f315516e602bd9a9bdc3d116771528cd433d1) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-15024Thiruvadi Rajaraman2018-01-072-0/+242
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 76524 Type: Security Fix Disposition: Backport from binutils master ChangeID: 5f22a66eabb228b655605b964ecd350aee700806 Description: PR22187, infinite loop in find_abstract_instance_name This patch prevents the simple case of infinite recursion in find_abstract_instance_name by ensuring that the attributes being processed are not the same as the previous call. The patch also does a little cleanup, and leaves in place some changes to the nested_funcs array that I made when I wrongly thought looping might occur in scan_unit_for_symbols. PR 22187 * dwarf2.c (find_abstract_instance_name): Add orig_info_ptr and pname param. Return status. Make name const. Don't abort, return an error. Formatting. Exit if current info_ptr matches orig_info_ptr. Update callers. (scan_unit_for_symbols): Start at nesting_level of zero. Make nested_funcs an array of structs for extensibility. Formatting. Affects: <= 2.29 (From OE-Core rev: 3e88bb5e933ebbf9c3445bac1814dc0ac105bf45) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-14729Thiruvadi Rajaraman2018-01-072-0/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 76278 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 05de8bcd22d8d0b54badcd3826cd370b3aed81de Description: x86: Guard against corrupted PLT There should be only one entry in PLT for a given symbol. Set howto to NULL after processing a PLT entry to guard against corrupted PLT so that the duplicated PLT entries are skipped. PR binutils/22170 Affects: <= 2.29 (From OE-Core rev: 51fc4c8d86bc7c567794305bcc08e5054e9e204a) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9955Thiruvadi Rajaraman2018-01-0710-0/+1061
| | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73893 Type: Security Fix Disposition: Backport from 'binutils-gdb.git/master' branch ChangeID: 94c3ef8c1fa2e84e84ad76fb45307848d98817c8 Description: PR 21665 : Fixed multiple heap based buffer overflow Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: a36978f0dd372ec836f63942f965652ca3716e3f) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9954Thiruvadi Rajaraman2018-01-072-0/+59
| | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73906 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 13858130a02bbe84744fd33ecbf2bbbd2360c09c Description: Fix address violation parsing a corrupt texhex format file. PR binutils/21670 * tekhex.c (getvalue): Check for the source pointer exceeding the end pointer before the first byte is read. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 162fce9416dcde1a0b7edfbf772fa6e6e18c46a4) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9745Thiruvadi Rajaraman2018-01-072-0/+63
| | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 74062 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 2ec9457275509bfd8dc9185fbdcd485192a82cca Description: Handle EITR records in VMS Alpha binaries with overlarge command length parameters. PR binutils/21579 * vms-alpha.c (_bfd_vms_slurp_etir): Extend check of cmd_length. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: f8542a9cf50c8001f675f68e42234c306d8ce1e7) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9756Thiruvadi Rajaraman2018-01-072-0/+44
| | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73919 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: bd4a354c2a1bd14e26232fc88a736950aa19403a Description: Prevent address violation problem when disassembling corrupt aarch64 binary. PR binutils/21595 * aarch64-dis.c (aarch64_ext_ldst_reglist): Check for an out of range value. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: f48d4c21673c16760c5a9ff51934127339234f85) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9755Thiruvadi Rajaraman2018-01-073-0/+163
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73932 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 49ad5f3244cd51ee6714c1b60cc1c3f84d7de7c8 Description: i386-dis: Add 2 tests with invalid bnd register PR binutils/21594 * testsuite/gas/i386/mpx.s: Add 2 tests with invalid bnd register. * testsuite/gas/i386/x86-64-mpx.s: Likewise. * testsuite/gas/i386/mpx.d: Updated. * testsuite/gas/i386/x86-64-mpx.d: Likewise. i386-dis: Check valid bnd register Since there are only 4 bnd registers, return "(bad)" for register number > 3. PR binutils/21594 * i386-dis.c (OP_E_register): Check valid bnd register. (OP_G): Likewise. Affects: <= 2.28 Author: H.J. Lu <hjl.tools@gmail.com> (From OE-Core rev: 98b66508f8b382f047d12df430b6e812a9336ab9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9753_and_CVE-2017-9754Thiruvadi Rajaraman2018-01-072-0/+77
| | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73958, 73945 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: a39fdc82900af3f5d6ae396c913ac902f4ef7f60 Description: Fix seg-faults in objdump when disassembling a corrupt versados binary. PR binutils/21591 * versados.c (versados_mkobject): Zero the allocated tdata structure. (process_otr): Check for an invalid offset in the otr structure. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 7d46daa5e580e841f83b9070b3c84e87d8fd1181) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9752Thiruvadi Rajaraman2018-01-072-0/+205
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73971 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: fe0e1d0f234ed157135818c24f4270c34e093828 Description: Fix potential address violations when processing a corrupt Alpha VMA binary. PR binutils/21589 * vms-alpha.c (_bfd_vms_get_value): Add an extra parameter - the maximum value for the ascic pointer. Check that name processing does not read beyond this value. (_bfd_vms_slurp_etir): Add checks for attempts to read beyond the end of etir record. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: ea89dfe868085b463dfc24df78b49d1703989484) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9750Thiruvadi Rajaraman2018-01-072-0/+263
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 73997 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 36893e1db9214b4da972a1eeb482be34405f0410 Description: Fix address violation problems when disassembling a corrupt RX binary. PR binutils/21587 * rx-decode.opc: Include libiberty.h (GET_SCALE): New macro - validates access to SCALE array. (GET_PSCALE): New macro - validates access to PSCALE array. (DIs, SIs, S2Is, rx_disp): Use new macros. * rx-decode.c: Regenerate. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: d8996fd2bf72fa774202724864ef014592a16ece) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9747Thiruvadi Rajaraman2018-01-072-0/+41
| | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 74036 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: b25bffca0b51e9c13ba752534b64bd28a147a135 Description: Fix address violation parsing a corrupt ieee binary. PR binutils/21581 (ieee_archive_p): Use a static buffer to avoid compiler bugs. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: c12bb8d25b9af2df8cbff0a457c2d049efdf49d9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9748Thiruvadi Rajaraman2018-01-072-0/+46
| | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 74023 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: efff4d9ed538ff859ab5105a3594690e860d0779 Description: Avoid a possible compiler bug by using a static buffer instead of a stack local buffer. PR binutils/21582 * ieee.c (ieee_object_p): Use a static buffer to avoid compiler bugs. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: fe9fed67e2f62223626f6683b197bc3b55092d54) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9746Thiruvadi Rajaraman2018-01-072-0/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 74049 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 8dad195531894850a242ccf70990a963cf16f291 Description: Fix address violation when disassembling a corrupt binary. PR binutils/21580 binutils * objdump.c (disassemble_bytes): Check for buffer overrun when printing out rae insns. ld * testsuite/ld-nds32/diff.d: Adjust expected output. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 2a13567ea790d71a36eab0293f5a1918ef447e13) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9749Thiruvadi Rajaraman2018-01-072-0/+76
| | | | | | | | | | | | | | | | | | | | | | | | | | | Source: binutils-gdb.git MR: 74010 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 5b89fbcab899af53585b61bd40724a38bff831d3 Description: Prevent invalid array accesses when disassembling a corrupt bfin binary. PR binutils/21586 * bfin-dis.c (gregs): Clip index to prevent overflow. (regs): Likewise. (regs_lo): Likewise. (regs_hi): Likewise. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 3306cbace5069e58bb62f31ec91ca805410bd949) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-9751Thiruvadi Rajaraman2018-01-072-0/+3739
| | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 73984 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: b0488808caeeef072f9b00dd174c750da5e58b4b Description: Fix address violation when disassembling a corrupt RL78 binary. PR binutils/21588 * rl78-decode.opc (OP_BUF_LEN): Define. (GETBYTE): Check for the index exceeding OP_BUF_LEN. (rl78_decode_opcode): Use OP_BUF_LEN as the length of the op_buf array. * rl78-decode.c: Regenerate. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 40325ae2c4160fa99cebd5cef3f8df5063976076) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7299Thiruvadi Rajaraman2018-01-073-0/+169
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74257 Type: Security Fix Disposition: Backport from 'embedded-binutils-master' ChangeID: b55df05e3d3fd21bd30edaea124135892747b1ee Description: Linking non-ELF file broken by PR20908 fix PR ld/20968 PR ld/20908 * elflink.c (bfd_elf_final_link): Revert 2016-12-02 change. Move reloc counting code later after ELF flavour test. PR lf/20908 * elflink.c (bfd_elf_final_link): Check for ELF flavour binaries when following indirect links. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 020863d45d39a336723300138777583afb0b12c7) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8398Thiruvadi Rajaraman2018-01-072-0/+148
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74127 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 410078b468de6dc1c908342283a6abe5bdf38d54 Description: Fix heap-buffer overflow bugs caused when dumping debug information from a corrupt binary. PR binutils/21438 * dwarf.c (process_extended_line_op): Do not assume that the string extracted from the section is NUL terminated. (fetch_indirect_string): If the string retrieved from the section is not NUL terminated, return an error message. (fetch_indirect_line_string): Likewise. (fetch_indexed_string): Likewise. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 1e19e656a97caf61f26ab4f52339b9413d3bb29f) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8394Thiruvadi Rajaraman2018-01-073-0/+196
| | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74166 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: d614742d33a55da6cafede60cd171766afb0aa1d Description: PR 21414, null pointer deref of _bfd_elf_large_com_section sym PR 21414 * section.c (GLOBAL_SYM_INIT): Make available in bfd.h. * elf.c (lcomm_sym): New. (_bfd_elf_large_com_section): Use lcomm_sym section symbol. * bfd-in2.h: Regenerate. Affects: <= 2.29 Author: Alan Modra <amodra@gmail.com> (From OE-Core rev: 0d6e08ffc4760947653ad9368d594074d506f697) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8421Thiruvadi Rajaraman2018-01-072-0/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74140 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 5f6dd48c427de8663c5a80af6db44ce5c579d42c Description: Prevent memory exhaustion from a corrupt PE binary with an overlarge number of relocs. PR 21440 * objdump.c (dump_relocs_in_section): Check for an excessive number of relocs before attempting to dump them. Affects: <= 2.29 Author: Alan Modra <amodra@gmail.com> (From OE-Core rev: 09c642a70e2a12dcc01ffe45c333011a142c02a7) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8396Thiruvadi Rajaraman2018-01-072-0/+103
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74101 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: db47540066f83529439566f8621d6e35fe86b77c Description: buffer overflow in perform_relocation The existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. PR 21432 * reloc.c (reloc_offset_in_range): New function. (bfd_perform_relocation, bfd_install_relocation): Use it. (_bfd_final_link_relocate): Likewise. Affects: <= 2.29 Author: Alan Modra <amodra@gmail.com> (From OE-Core rev: e5aa4adaddbae184bbbb1c42f79c1deba931c72a) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Fix seg-fault in the linker when examining a corrupt binary.Manjunath S Matti2018-01-072-0/+56
| | | | | | | | | | | | | | | | | | | | | | | | | Source: https://sourceware.org/ MR: 74244 Type: Security Fix Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=531336e3a0b79ed60cfc36ad2d6579b6a71175da ChangeID: 69cc8699fcb0655f3a48778e514552dfaea7229c Description: Fix seg-fault in the linker when examining a corrupt binary. PR ld/20909 * aoutx.h (aout_link_add_symbols): Fix off-by-one error in check for an illegal string offset. CVE: CVE-2017-7300 Affects: < 2.27-r0.9.1 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: c1b259c5fef13e1ecff9a68d82cde49c777ffa4d) Signed-off-by: Manjunath S Matti <mmatti@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8397Thiruvadi Rajaraman2018-01-072-0/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74114 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: d55e7590c08c4db483bba2fa35df8fbb6283686e Description: Fix a seg-fault when processing a corrupt binary containing reloc(s) with negative addresses. PR binutils/21434 * reloc.c (bfd_perform_relocation): Check for a negative address in the reloc. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 6dd9179c4208c8d13f7e9c784d9993606416ab97) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8395Thiruvadi Rajaraman2018-01-072-0/+73
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74153 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 27dce214c561f9ae6f874990432f9d76a7de29d4 Description: Fix seg-fault attempting to compress a debug section in a corrupt binary. PR binutils/21431 * compress.c (bfd_init_section_compress_status): Check the return value from bfd_malloc. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: addac2e8f6f6132807a590a032a4292079542fbe) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-8393Thiruvadi Rajaraman2018-01-072-0/+202
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74179 Type: Security Fix Disposition: Backport from binutils-2_29 ChangeID: 976156cd25454143883090ca42010c38c6d6af0f Description: PR 21412, get_reloc_section assumes .rel/.rela name for SHT_REL/RELA. This patch fixes an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. I'm also modifying the interface for elf_backend_get_reloc_section, so any backend function just needs to handle name mapping. Affects: <= 2.29 Author: Alan Modra <amodra@gmail.com> (From OE-Core rev: 24124406a2a1657b80ba2933bef40ccf798c8097) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7304Thiruvadi Rajaraman2018-01-072-0/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74192 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: 9a4c249becded1b479c0b9e9f175aebb80294317 Description: Fix seg-fault in strip when copying a corrupt binary. PR binutils/20931 * elf.c (copy_special_section_fields): Check for an invalid sh_link field before attempting to follow it. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: fcadfc35ebe90d3f0f3aa0db8caeddb5c07c3120) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7303Thiruvadi Rajaraman2018-01-072-0/+56
| | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74205 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: db5bfb63661d39846c3b03353e1383c621759d48 Description: Fix seg-fault attempting to strip a corrupt binary. PR binutils/20922 * elf.c (find_link): Check for null headers before attempting to match them. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: ef1a98976886560396a514458edb80a21f09b808) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7302Thiruvadi Rajaraman2018-01-072-0/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74218 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: 11677f4fb24c7a49efc23ea7d54de1bf85e74b12 Description: Fix seg-fault running strip on a corrupt binary. PR binutils/20921 * aoutx.h (squirt_out_relocs): Check for and report any relocs that could not be recognised. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: dbe4c78bee0ed36fc8789f1a13678be1b8c0bcf5) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7301Thiruvadi Rajaraman2018-01-072-0/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74231 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: 1fbae9f71e3ad90f930f8b25d550de964e05c259 Description: Fix seg-fault in linker parsing a corrupt input file. PR ld/20924 (aout_link_add_symbols): Fix off by one error checking for overflow of string offset. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 315608a626f9e21d198d1600ded69114ac1e16d1) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7227Thiruvadi Rajaraman2018-01-072-0/+50
| | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74270 Type: Security Fix Disposition: Backport from binutils-2_28-branch ChangeID: e4e88f56ba13671afb5b3194ca4c1c59601e5fd5 Description: Fix seg-fault in linker when passed a bogus input script. PR ld/20906 * ldlex.l: Check for bogus strings in linker scripts. Affects: <= 2.28 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: 650a5b69c4ae7cf91d13993225877d0187bcb65e) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7225Thiruvadi Rajaraman2018-01-072-0/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74296 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: d2cf3ab15c89351c941c92e4cdf28c2bfa9dcda8 Description: Fix seg-fault running addr2line on a corrupt binary. PR binutils/20891 * aoutx.h (find_nearest_line): Handle the case where the main file name and the directory name are both empty. Affects: <= 2.29 Author: Nick Clifton <nickc@redhat.com> (From OE-Core rev: ba01ee6899c8d36e6469f6d02d40866fb0502af9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7224Thiruvadi Rajaraman2018-01-072-0/+49
| | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74309 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 640c2ad711ead368a65079a464c55368851e8744 Description: Fix a seg-fault disassembling a corrupt binary. PR binutils/20892 * aoutx.h (find_nearest_line): Handle the case where the function name is empty. Affects: <= 2.29 (From OE-Core rev: 54992e752e396fc5b3bc5b067cfc4741f1176bb3) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7223Thiruvadi Rajaraman2018-01-072-0/+41
| | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74322 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: c7e14cdaab09996e736a6294834d3470ac9ddb6c Description: Fix seg fault attempting to unget an EOF character. PR gas/20898 * app.c (do_scrub_chars): Do not attempt to unget EOF. Affects: <= 2.29 (From OE-Core rev: b35c5c25947daf47b5cbccd8836e22234baa6f0f) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-12450_12452_12453_12454_12456Thiruvadi Rajaraman2018-01-073-0/+490
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 73854, 73827, 73814, 73801, 73775 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: fb23096307f9903872a04edf171d1fd2099e35c5 Description: Fix address violation errors parsing corrupt binary files. PR 21813 binutils* rddbg.c (read_symbol_stabs_debugging_info): Check for an empty string whilst concatenating symbol names. bfd * mach-o.c (bfd_mach_o_canonicalize_relocs): Pass the base address of the relocs to the canonicalize_one_reloc routine. * mach-o.h (struct bfd_mach_o_backend_data): Update the prototype for the _bfd_mach_o_canonicalize_one_reloc field. * mach-o-arm.c (bfd_mach_o_arm_canonicalize_one_reloc): Add res_base parameter. Use to check for corrupt pair relocs. * mach-o-aarch64.c (bfd_mach_o_arm64_canonicalize_one_reloc): Likewise. * mach-o-i386.c (bfd_mach_o_i386_canonicalize_one_reloc): Likewise. * mach-o-x86-64.c (bfd_mach_o_x86_64_canonicalize_one_reloc): Likewise. * vms-alpha.c (_bfd_vms_slurp_eihd): Make sure that there is enough data in the record before attempting to parse it. (_bfd_vms_slurp_eeom): Likewise. (_bfd_vms_slurp_egsd): Check for an invalid section index. (image_set_ptr): Likewise. (alpha_vms_slurp_relocs): Likewise. Affects: <= 2.29 (From OE-Core rev: 2cc3922462c9dd86f50a419a2a4abb0f3b5b4745) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-12451Thiruvadi Rajaraman2018-01-072-0/+385
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 73840 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 582c686f18c059d665189a6a09df3a8cc4a3b093 Description: Fix address violation when attempting to read a corrupt field in a COFF archive header structure. PR 21786 * coff-rs6000.c (_bfd_strntol): New function. (_bfd_strntoll): New function. (GET_VALUE_IN_FIELD): New macro. (EQ_VALUE_IN_FIELD): new macro. (_bfd_xcoff_slurp_armap): Use new macros. (_bfd_xcoff_archive_p): Likewise. (_bfd_xcoff_read_ar_hdr): Likewise. (_bfd_xcoff_openr_next_archived_file): Likewise. (_bfd_xcoff_stat_arch_elt): Likewise. Extend previous fix to coff-rs6000.c to coff64-rs6000.c PR 21786 * coff64-rs6000.c (_bfd_strntol): New function. (_bfd_strntoll): New function. (GET_VALUE_IN_FIELD): New macro. (xcoff64_slurp_armap): Use new macros. Affects: <= 2.29 (From OE-Core rev: 62eeac8e4684c129af6f36aa7c2b91270a5dacde) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-12449, CVE-2017_12455, CVE-2017-12457, CVE-2017-12458, ↵Thiruvadi Rajaraman2018-01-073-0/+339
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2017-12459 Source: git://sourceware.org/git/binutils-gdb.git MR: 73867, 73788, 73762, 73749, 73734 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 29a1fd75a879d40560b3891305b7d9577e26ffe5 Description: Fix address violation issues encountered when parsing corrupt binaries. PR 21840 * mach-o.c (bfd_mach_o_read_symtab_strtab): Fail if the symtab size is -1. * nlmcode.h (nlm_swap_auxiliary_headers_in): Replace assertion with error return. * section.c (bfd_make_section_with_flags): Fail if the name or bfd are NULL. * vms-alpha.c (bfd_make_section_with_flags): Correct computation of end pointer. (evax_bfd_print_emh): Check for invalid string lengths. Fix address violations when reading corrupt VMS records. PR binutils/21618 * vms-alpha.c (evax_bfd_print_emh): Check for insufficient record length. (evax_bfd_print_eeom): Likewise. (evax_bfd_print_egsd): Check for an overlarge record length. (evax_bfd_print_etir): Likewise. Affects: <= 2.29 (From OE-Core rev: 62c4dc16dd8fe99cba970c5e7d8dfc063855d4b9) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-12448Thiruvadi Rajaraman2018-01-072-0/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 73880 Type: Security Fix Disposition: Backport from binutils-2_29-branch ChangeID: 6ef7c8e941d7a1c069b29e4671178c0d02427e3f Description: Fix use-after-free error when parsing a corrupt nested archive. PR 21787 * archive.c (bfd_generic_archive_p): If the bfd does not have the correct magic bytes at the start, set the error to wrong format and clear the format selector before returning NULL. Affects: <= 2.29 (From OE-Core rev: 996e7af41b48107bab5eca0ea26f507541382bd5) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binutils: CVE-2017-7226Thiruvadi Rajaraman2018-01-072-0/+43
| | | | | | | | | | | | | | | | | | | | | Source: git://sourceware.org/git/binutils-gdb.git MR: 74283 Type: Security Fix Disposition: Backport from binutils_v2_28 ChangeID: 82097a4b98d3d576e1b1bfb7ac9ae17fd153c909 Description: Use strnlen to avoid running over the end of the string buffer. Affects: <= 2.28 (From OE-Core rev: abc9e4eebafac084bee054954bd93288cd1d0a8c) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>