binutls: Security fix for CVE-2017-15225

Affects: <= 2.29.1 (From OE-Core rev: 885e991934e5e20ac69551e73da9d3219eb4c24e) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster@mvista.com> 2018-08-06 19:29:45 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2018-08-15 10:22:45 +0100
commit: e4c382ecc6212166644d7b85fbdbf7ee0c1264dc (patch)
tree: 72184524c7cd03d17f7702b940a6c266de2a287b /meta
parent: 09d31d0806778a658b66c9d474e78bf160ede18a (diff)
download: poky-e4c382ecc6212166644d7b85fbdbf7ee0c1264dc.tar.gz
2 files changed, 49 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.29.1.inc b/meta/recipes-devtools/binutils/binutils-2.29.1.inc
index 57e4b10947..2440873cd9 100644
--- a/meta/recipes-devtools/binutils/binutils-2.29.1.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.29.1.inc
@@ -49,6 +49,7 @@ SRC_URI = "\
     file://CVE-2017-15023.patch \
     file://CVE-2017-15024.patch \
     file://CVE-2017-15025.patch \
+     file://CVE-2017-15225.patch \
 "
 S  = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch
new file mode 100644
index 0000000000..2ef3f53737
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch
@@ -0,0 +1,48 @@
+From b55ec8b676ed05d93ee49d6c79ae0403616c4fb0 Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Mon, 9 Oct 2017 13:21:44 +1030
+Subject: [PATCH] PR22212, memory leak in nm
+        PR 22212
+        * dwarf2.c (_bfd_dwarf2_cleanup_debug_info): Free
+        funcinfo_hash_table and varinfo_hash_table.
+Upstream-Status: Backport
+Affects: <= 2.29.1
+CVE: CVE-2017-15225
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ bfd/ChangeLog | 6 ++++++
+ bfd/dwarf2.c  | 4 ++++
+ 2 files changed, 10 insertions(+)
+Index: git/bfd/dwarf2.c
+===================================================================
+--- git.orig/bfd/dwarf2.c
+++ git/bfd/dwarf2.c
+@@ -4932,6 +4932,10 @@ _bfd_dwarf2_cleanup_debug_info (bfd *abf
+        }
+     }
+ 
+  if (stash->funcinfo_hash_table)
+    bfd_hash_table_free (&stash->funcinfo_hash_table->base);
+  if (stash->varinfo_hash_table)
+    bfd_hash_table_free (&stash->varinfo_hash_table->base);
+   if (stash->dwarf_abbrev_buffer)
+     free (stash->dwarf_abbrev_buffer);
+   if (stash->dwarf_line_buffer)
+Index: git/bfd/ChangeLog
+===================================================================
+--- git.orig/bfd/ChangeLog
+++ git/bfd/ChangeLog
+@@ -1,3 +1,9 @@
+2017-10-09  Alan Modra  <amodra@gmail.com>
+
+       PR 22212
+       * dwarf2.c (_bfd_dwarf2_cleanup_debug_info): Free
+       funcinfo_hash_table and varinfo_hash_table.
+
+ 2017-09-24  Alan Modra  <amodra@gmail.com>
+ 
+        PR 22186
author	Armin Kuster <akuster@mvista.com>	2018-08-06 19:29:45 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-08-15 10:22:45 +0100
commit	e4c382ecc6212166644d7b85fbdbf7ee0c1264dc (patch)
tree	72184524c7cd03d17f7702b940a6c266de2a287b /meta
parent	09d31d0806778a658b66c9d474e78bf160ede18a (diff)
download	poky-e4c382ecc6212166644d7b85fbdbf7ee0c1264dc.tar.gz

diff --git a/meta/recipes-devtools/binutils/binutils-2.29.1.inc b/meta/recipes-devtools/binutils/binutils-2.29.1.inc index 57e4b10947..2440873cd9 100644 --- a/meta/recipes-devtools/binutils/binutils-2.29.1.inc +++ b/meta/recipes-devtools/binutils/binutils-2.29.1.inc
@@ -49,6 +49,7 @@ SRC_URI = "\
49	file://CVE-2017-15023.patch \	49	file://CVE-2017-15023.patch \
50	file://CVE-2017-15024.patch \	50	file://CVE-2017-15024.patch \
51	file://CVE-2017-15025.patch \	51	file://CVE-2017-15025.patch \
		52	file://CVE-2017-15225.patch \
52	"	53	"
53	S = "${WORKDIR}/git"	54	S = "${WORKDIR}/git"
54		55


diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch new file mode 100644 index 0000000000..2ef3f53737 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch
@@ -0,0 +1,48 @@
		1	From b55ec8b676ed05d93ee49d6c79ae0403616c4fb0 Mon Sep 17 00:00:00 2001
		2	From: Alan Modra <amodra@gmail.com>
		3	Date: Mon, 9 Oct 2017 13:21:44 +1030
		4	Subject: [PATCH] PR22212, memory leak in nm
		5
		6	PR 22212
		7	* dwarf2.c (_bfd_dwarf2_cleanup_debug_info): Free
		8	funcinfo_hash_table and varinfo_hash_table.
		9
		10	Upstream-Status: Backport
		11	Affects: <= 2.29.1
		12	CVE: CVE-2017-15225
		13	Signed-off-by: Armin Kuster <akuster@mvista.com>
		14
		15	---
		16	bfd/ChangeLog \| 6 ++++++
		17	bfd/dwarf2.c \| 4 ++++
		18	2 files changed, 10 insertions(+)
		19
		20	Index: git/bfd/dwarf2.c
		21	===================================================================
		22	--- git.orig/bfd/dwarf2.c
		23	+++ git/bfd/dwarf2.c
		24	@@ -4932,6 +4932,10 @@ _bfd_dwarf2_cleanup_debug_info (bfd *abf
		25	}
		26	}
		27
		28	+ if (stash->funcinfo_hash_table)
		29	+ bfd_hash_table_free (&stash->funcinfo_hash_table->base);
		30	+ if (stash->varinfo_hash_table)
		31	+ bfd_hash_table_free (&stash->varinfo_hash_table->base);
		32	if (stash->dwarf_abbrev_buffer)
		33	free (stash->dwarf_abbrev_buffer);
		34	if (stash->dwarf_line_buffer)
		35	Index: git/bfd/ChangeLog
		36	===================================================================
		37	--- git.orig/bfd/ChangeLog
		38	+++ git/bfd/ChangeLog
		39	@@ -1,3 +1,9 @@
		40	+2017-10-09 Alan Modra <amodra@gmail.com>
		41	+
		42	+ PR 22212
		43	+ * dwarf2.c (_bfd_dwarf2_cleanup_debug_info): Free
		44	+ funcinfo_hash_table and varinfo_hash_table.
		45	+
		46	2017-09-24 Alan Modra <amodra@gmail.com>
		47
		48	PR 22186