summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
authorThiruvadi Rajaraman <trajaraman@mvista.com>2017-08-23 14:06:58 +0530
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-01-07 17:10:07 +0000
commit7296c9fbd6cbf871f163cf3cb55d5ef2415e588d (patch)
tree1b00b40cdd338fb600d2e9a0d4e2b5bec7c08a3e /meta
parent34041f58fd277edf1f2bd2db7f90a238d48275fc (diff)
downloadpoky-7296c9fbd6cbf871f163cf3cb55d5ef2415e588d.tar.gz
binutils: CVE-2017-7226
Source: git://sourceware.org/git/binutils-gdb.git MR: 74283 Type: Security Fix Disposition: Backport from binutils_v2_28 ChangeID: 82097a4b98d3d576e1b1bfb7ac9ae17fd153c909 Description: Use strnlen to avoid running over the end of the string buffer. Affects: <= 2.28 (From OE-Core rev: abc9e4eebafac084bee054954bd93288cd1d0a8c) Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> Reviewed-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-devtools/binutils/binutils-2.27.inc1
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch42
2 files changed, 43 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc
index 3f8a5fe19c..3c29f660cd 100644
--- a/meta/recipes-devtools/binutils/binutils-2.27.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.27.inc
@@ -52,6 +52,7 @@ SRC_URI = "\
52 file://CVE-2017-9040_and_9042.patch \ 52 file://CVE-2017-9040_and_9042.patch \
53 file://CVE-2017-9041_1.patch \ 53 file://CVE-2017-9041_1.patch \
54 file://CVE-2017-9041_2.patch \ 54 file://CVE-2017-9041_2.patch \
55 file://CVE-2017-7226.patch \
55" 56"
56S = "${WORKDIR}/git" 57S = "${WORKDIR}/git"
57 58
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch
new file mode 100644
index 0000000000..7525f34324
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch
@@ -0,0 +1,42 @@
1Fix seg-fault in the binutils utilities when reading a corrupt input file.
2
3PR binutils/20905
4* peicode.h (pe_ILF_object_p): Use strnlen to avoid running over
5the end of the string buffer.
6
7Upstream-Status: Backport
8
9CVE: CVE-2017-7226
10Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
11
12Index: git/bfd/ChangeLog
13===================================================================
14--- git.orig/bfd/ChangeLog 2017-08-23 13:59:16.868424171 +0530
15+++ git/bfd/ChangeLog 2017-08-23 14:03:22.683013823 +0530
16@@ -39,6 +39,12 @@
17 (bfd_elf_final_link): Only initialize the extended symbol index
18 section if there are extended symbol tables to list.
19
20+2016-12-05 Nick Clifton <nickc@redhat.com>
21+
22+ PR binutils/20905
23+ * peicode.h (pe_ILF_object_p): Use strnlen to avoid running over
24+ the end of the string buffer.
25+
26 2016-08-02 Nick Clifton <nickc@redhat.com>
27
28 PR ld/17739
29Index: git/bfd/peicode.h
30===================================================================
31--- git.orig/bfd/peicode.h 2017-08-23 13:59:06.948319100 +0530
32+++ git/bfd/peicode.h 2017-08-23 13:59:16.920424722 +0530
33@@ -1264,7 +1264,8 @@
34 }
35
36 symbol_name = (char *) ptr;
37- source_dll = symbol_name + strlen (symbol_name) + 1;
38+ /* See PR 20905 for an example of where the strnlen is necessary. */
39+ source_dll = symbol_name + strnlen (symbol_name, size - 1) + 1;
40
41 /* Verify that the strings are null terminated. */
42 if (ptr[size - 1] != 0
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2026-06-02 13:58:46 +0000