meta/recipes-devtools/binutils/binutils/CVE-2017-7299_1.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47

commit d7f399a8de4c55eb841db6493597a587fac002de
Author: Nick Clifton <nickc@redhat.com>
Date:   Fri Dec 2 17:46:26 2016 +0000

    Fix seg-fault in linker when passed a corrupt binary input file.
    
    	PR lf/20908
    	* elflink.c (bfd_elf_final_link): Check for ELF flavour binaries
    	when following indirect links.

Upstream-Status: Backport

CVE: CVE-2017-7299
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>

Index: git/bfd/elflink.c
===================================================================
--- git.orig/bfd/elflink.c	2017-09-20 14:15:26.337333504 +0530
+++ git/bfd/elflink.c	2017-09-20 14:20:19.000000000 +0530
@@ -11201,6 +11201,12 @@
 	      asection *sec;
 
 	      sec = p->u.indirect.section;
+	      /* See PR 20908 for a reproducer.  */
+	      if (bfd_get_flavour (sec->owner) != bfd_target_elf_flavour)
+		{
+		  _bfd_error_handler (_("%B: not in ELF format"), sec->owner);
+		  goto error_return;
+		}
 	      esdi = elf_section_data (sec);
 
 	      /* Mark all sections which are to be included in the
Index: git/bfd/ChangeLog
===================================================================
--- git.orig/bfd/ChangeLog	2017-09-20 14:20:19.000000000 +0530
+++ git/bfd/ChangeLog	2017-09-20 14:23:48.743556932 +0530
@@ -192,6 +192,10 @@
 
 2016-12-02  Nick Clifton  <nickc@redhat.com>
 
+	PR lf/20908
+	* elflink.c (bfd_elf_final_link): Check for ELF flavour binaries
+	when following indirect links.
+
 	PR ld/20909
 	* aoutx.h (aout_link_add_symbols): Fix off-by-one error in check
 	for an illegal string offset.