mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-06-02 13:29:49 +00:00
Code Issues Projects Releases Wiki Activity

binutls: Security fix for CVE-2017-15023

Browse Source 
affects: <= 2.29.1

(From OE-Core rev: 755fd4e68af4cdafc482c02b7822cc06215da4fb)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Armin Kuster
2018-08-06 18:53:37 -07:00
committed by Richard Purdie
parent 00a04d8d8b
commit 9e7dc232e7
2 changed files with 53 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta/recipes-devtools/binutils/binutils-2.29.1.inc
+1
View File
@@ -46,6 +46,7 @@ SRC_URI = "\
file://CVE-2017-14940.patch \ file://CVE-2017-14940.patch \
file://CVE-2017-15021.patch \ file://CVE-2017-15021.patch \
file://CVE-2017-15022.patch \ file://CVE-2017-15022.patch \
file://CVE-2017-15023.patch \
" "
S = "${WORKDIR}/git" S = "${WORKDIR}/git"
meta/recipes-devtools/binutils/binutils/CVE-2017-15023.patch
+52
View File
@@ -0,0 +1,52 @@
From c361faae8d964db951b7100cada4dcdc983df1bf Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Mon, 25 Sep 2017 19:03:46 +0930
Subject: [PATCH] PR22200, DWARF5 .debug_line sanity check
The format_count entry can't be zero unless the count is also zero.
PR 22200
* dwarf2.c (read_formatted_entries): Error on format_count zero.
Upstream-Status: Backport
Affects: <= 2.29.1
CVE: CVE-2017-15023
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
bfd/ChangeLog | 5 +++++
bfd/dwarf2.c | 7 +++++++
2 files changed, 12 insertions(+)
Index: git/bfd/dwarf2.c
===================================================================
--- git.orig/bfd/dwarf2.c
+++ git/bfd/dwarf2.c
@@ -1934,6 +1934,13 @@ read_formatted_entries (struct comp_unit
data_count = _bfd_safe_read_leb128 (abfd, buf, &bytes_read, FALSE, buf_end);
buf += bytes_read;
+ if (format_count == 0 && data_count != 0)
+ {
+ _bfd_error_handler (_("Dwarf Error: Zero format count."));
+ bfd_set_error (bfd_error_bad_value);
+ return FALSE;
+ }
+
/* PR 22210. Paranoia check. Don't bother running the loop
if we know that we are going to run out of buffer. */
if (data_count > (bfd_vma) (buf_end - buf))
Index: git/bfd/ChangeLog
===================================================================
--- git.orig/bfd/ChangeLog
+++ git/bfd/ChangeLog
@@ -1,4 +1,9 @@
2017-09-25 Alan Modra <amodra@gmail.com>
+
+ PR 22200
+ * dwarf2.c (read_formatted_entries): Error on format_count zero.
+
+2017-09-25 Alan Modra <amodra@gmail.com>
PR 22201
* dwarf2.c (scan_unit_for_symbols): Ignore DW_AT_name unless it