summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArmin Kuster <akuster@mvista.com>2018-08-08 18:14:51 (GMT)
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-08-15 09:22:45 (GMT)
commit711e5e7b082a33382d6d28d4c37c84e21fc4027d (patch)
tree8362bad106cf64219572ecab88f1b5f1c947660f
parent2d7d54a5c52e528bb3e1da8e3d64bcb427abc472 (diff)
downloadpoky-711e5e7b082a33382d6d28d4c37c84e21fc4027d.tar.gz
Binutils: Security fix for CVE-2018-10373
Affects: <= 2.30 (From OE-Core rev: bea11092ddf2e6778bd55af1f2044a9e9fa1383b) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-devtools/binutils/binutils-2.29.1.inc1
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2018-10373.patch45
2 files changed, 46 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.29.1.inc b/meta/recipes-devtools/binutils/binutils-2.29.1.inc
index 7830b87..1916743 100644
--- a/meta/recipes-devtools/binutils/binutils-2.29.1.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.29.1.inc
@@ -66,6 +66,7 @@ SRC_URI = "\
66 file://CVE-2017-17125.patch \ 66 file://CVE-2017-17125.patch \
67 file://CVE-2017-17123.patch \ 67 file://CVE-2017-17123.patch \
68 file://CVE-2018-10372.patch \ 68 file://CVE-2018-10372.patch \
69 file://CVE-2018-10373.patch \
69" 70"
70S = "${WORKDIR}/git" 71S = "${WORKDIR}/git"
71 72
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-10373.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-10373.patch
new file mode 100644
index 0000000..963d767
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-10373.patch
@@ -0,0 +1,45 @@
1From 6327533b1fd29fa86f6bf34e61c332c010e3c689 Mon Sep 17 00:00:00 2001
2From: Nick Clifton <nickc@redhat.com>
3Date: Tue, 17 Apr 2018 14:30:07 +0100
4Subject: [PATCH] Add a check for a NULL table pointer before attempting to
5 compute a DWARF filename.
6
7 PR 23065
8 * dwarf2.c (concat_filename): Check for a NULL table pointer.
9
10Upstream-Status: Backport
11Affects: <= 2.30
12CVE: CVE-2018-10373
13Signed-off-by: Armin Kuster <akuster@mvista.com>
14
15---
16 bfd/ChangeLog | 5 +++++
17 bfd/dwarf2.c | 2 +-
18 2 files changed, 6 insertions(+), 1 deletion(-)
19
20Index: git/bfd/dwarf2.c
21===================================================================
22--- git.orig/bfd/dwarf2.c
23+++ git/bfd/dwarf2.c
24@@ -1587,7 +1587,7 @@ concat_filename (struct line_info_table
25 {
26 char *filename;
27
28- if (file - 1 >= table->num_files)
29+ if (table == NULL || file - 1 >= table->num_files)
30 {
31 /* FILE == 0 means unknown. */
32 if (file)
33Index: git/bfd/ChangeLog
34===================================================================
35--- git.orig/bfd/ChangeLog
36+++ git/bfd/ChangeLog
37@@ -1,3 +1,8 @@
38+2018-04-17 Nick Clifton <nickc@redhat.com>
39+
40+ PR 23065
41+ * dwarf2.c (concat_filename): Check for a NULL table pointer.
42+
43 2017-11-28 Nick Clifton <nickc@redhat.com>
44
45 PR 22506