summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArmin Kuster <akuster@mvista.com>2018-08-07 02:29:45 (GMT)
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-08-15 09:22:45 (GMT)
commite4c382ecc6212166644d7b85fbdbf7ee0c1264dc (patch)
tree72184524c7cd03d17f7702b940a6c266de2a287b
parent09d31d0806778a658b66c9d474e78bf160ede18a (diff)
downloadpoky-e4c382ecc6212166644d7b85fbdbf7ee0c1264dc.tar.gz
binutls: Security fix for CVE-2017-15225
Affects: <= 2.29.1 (From OE-Core rev: 885e991934e5e20ac69551e73da9d3219eb4c24e) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-devtools/binutils/binutils-2.29.1.inc1
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch48
2 files changed, 49 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.29.1.inc b/meta/recipes-devtools/binutils/binutils-2.29.1.inc
index 57e4b10..2440873 100644
--- a/meta/recipes-devtools/binutils/binutils-2.29.1.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.29.1.inc
@@ -49,6 +49,7 @@ SRC_URI = "\
49 file://CVE-2017-15023.patch \ 49 file://CVE-2017-15023.patch \
50 file://CVE-2017-15024.patch \ 50 file://CVE-2017-15024.patch \
51 file://CVE-2017-15025.patch \ 51 file://CVE-2017-15025.patch \
52 file://CVE-2017-15225.patch \
52" 53"
53S = "${WORKDIR}/git" 54S = "${WORKDIR}/git"
54 55
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch
new file mode 100644
index 0000000..2ef3f53
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch
@@ -0,0 +1,48 @@
1From b55ec8b676ed05d93ee49d6c79ae0403616c4fb0 Mon Sep 17 00:00:00 2001
2From: Alan Modra <amodra@gmail.com>
3Date: Mon, 9 Oct 2017 13:21:44 +1030
4Subject: [PATCH] PR22212, memory leak in nm
5
6 PR 22212
7 * dwarf2.c (_bfd_dwarf2_cleanup_debug_info): Free
8 funcinfo_hash_table and varinfo_hash_table.
9
10Upstream-Status: Backport
11Affects: <= 2.29.1
12CVE: CVE-2017-15225
13Signed-off-by: Armin Kuster <akuster@mvista.com>
14
15---
16 bfd/ChangeLog | 6 ++++++
17 bfd/dwarf2.c | 4 ++++
18 2 files changed, 10 insertions(+)
19
20Index: git/bfd/dwarf2.c
21===================================================================
22--- git.orig/bfd/dwarf2.c
23+++ git/bfd/dwarf2.c
24@@ -4932,6 +4932,10 @@ _bfd_dwarf2_cleanup_debug_info (bfd *abf
25 }
26 }
27
28+ if (stash->funcinfo_hash_table)
29+ bfd_hash_table_free (&stash->funcinfo_hash_table->base);
30+ if (stash->varinfo_hash_table)
31+ bfd_hash_table_free (&stash->varinfo_hash_table->base);
32 if (stash->dwarf_abbrev_buffer)
33 free (stash->dwarf_abbrev_buffer);
34 if (stash->dwarf_line_buffer)
35Index: git/bfd/ChangeLog
36===================================================================
37--- git.orig/bfd/ChangeLog
38+++ git/bfd/ChangeLog
39@@ -1,3 +1,9 @@
40+2017-10-09 Alan Modra <amodra@gmail.com>
41+
42+ PR 22212
43+ * dwarf2.c (_bfd_dwarf2_cleanup_debug_info): Free
44+ funcinfo_hash_table and varinfo_hash_table.
45+
46 2017-09-24 Alan Modra <amodra@gmail.com>
47
48 PR 22186