summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDeepthi Hemraj <Deepthi.Hemraj@windriver.com>2023-11-21 03:42:54 -0800
committerSteve Sakoman <steve@sakoman.com>2023-11-28 05:00:32 -1000
commit39aa7af59b14de71709cb56fdd3425c1001ce8de (patch)
treea575e751bb0e14d494c44cd8bc975b016d9aa978
parent2629c5fe89229901db08f52e579b1b1caede9b5b (diff)
downloadpoky-39aa7af59b14de71709cb56fdd3425c1001ce8de.tar.gz
binutils: Fix CVE-2022-47007
(From OE-Core rev: 03e6ea59d82e613ba3b5d388fa87317cef982f2b) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r--meta/recipes-devtools/binutils/binutils-2.38.inc1
-rw-r--r--meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch34
2 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index 43cc97f1ef..dc29141812 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -67,5 +67,6 @@ SRC_URI = "\
67 file://0031-CVE-2022-47695.patch \ 67 file://0031-CVE-2022-47695.patch \
68 file://CVE-2022-48063.patch \ 68 file://CVE-2022-48063.patch \
69 file://0032-CVE-2022-47010.patch \ 69 file://0032-CVE-2022-47010.patch \
70 file://0033-CVE-2022-47007.patch \
70" 71"
71S = "${WORKDIR}/git" 72S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch b/meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch
new file mode 100644
index 0000000000..cc6dfe684b
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch
@@ -0,0 +1,34 @@
1From: Alan Modra <amodra@gmail.com>
2Date: Thu, 16 Jun 2022 23:30:41 +0000 (+0930)
3Subject: PR29254, memory leak in stab_demangle_v3_arg
4X-Git-Tag: binutils-2_39~237
5X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb
6
7PR29254, memory leak in stab_demangle_v3_arg
8
9 PR 29254
10 * stabs.c (stab_demangle_v3_arg): Free dt on failure path.
11
12Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb]
13
14CVE: CVE-2022-47007
15
16Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
17---
18
19diff --git a/binutils/stabs.c b/binutils/stabs.c
20index 2b5241637c1..796ff85b86a 100644
21--- a/binutils/stabs.c
22+++ b/binutils/stabs.c
23@@ -5467,7 +5467,10 @@ stab_demangle_v3_arg (void *dhandle, struct stab_handle *info,
24 dc->u.s_binary.right,
25 &varargs);
26 if (pargs == NULL)
27- return NULL;
28+ {
29+ free (dt);
30+ return NULL;
31+ }
32
33 return debug_make_function_type (dhandle, dt, pargs, varargs);
34 }