binutils: Fix CVE-2022-47011

(From OE-Core rev: 5ff2e3c880705c2e920a4a61a5165810fadd7b84) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2026-05-30 00:20:08 +00:00 · 2023-10-16 04:27:52 -07:00
parent bdcc4c9909
commit 8391218990
2 changed files with 36 additions and 0 deletions
@@ -57,6 +57,7 @@ SRC_URI = "\
     file://0026-CVE-2023-1972.patch \
     file://0025-CVE-2023-25588.patch \
     file://0027-CVE-2022-47008.patch \
+     file://0028-CVE-2022-47011.patch \
     file://0029-CVE-2022-48065-1.patch \
     file://0029-CVE-2022-48065-2.patch \
     file://0029-CVE-2022-48065-3.patch \
@@ -0,0 +1,35 @@
+From: Alan Modra <amodra@gmail.com>
+Date: Mon, 20 Jun 2022 01:09:13 +0000 (+0930)
+Subject: PR29261, memory leak in parse_stab_struct_fields
+X-Git-Tag: binutils-2_39~225
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=8a24927bc8dbf6beac2000593b21235c3796dc35
+
+PR29261, memory leak in parse_stab_struct_fields
+
+	PR 29261
+	* stabs.c (parse_stab_struct_fields): Free "fields" on failure path.
+
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=8a24927bc8dbf6beac2000593b21235c3796dc35]
+
+CVE: CVE-2022-47011
+
+Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
+
+---
+
+diff --git a/binutils/stabs.c b/binutils/stabs.c
+index 796ff85b86a..bf3f578cbcc 100644
+--- a/binutils/stabs.c
+++ b/binutils/stabs.c
+@@ -2367,7 +2367,10 @@ parse_stab_struct_fields (void *dhandle,
+ 
+       if (! parse_stab_one_struct_field (dhandle, info, pp, p, fields + c,
+ 					 staticsp, p_end))
+-	return false;
+	{
+	  free (fields);
+	  return false;
+	}
+ 
+       ++c;
+     }