[oe-commits] [openembedded-core] 07/51: binutils: CVE-2017-12448
git at git.openembedded.org
git at git.openembedded.org
Sun Jan 7 17:11:16 UTC 2018
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch morty
in repository openembedded-core.
commit 996e7af41b48107bab5eca0ea26f507541382bd5
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
AuthorDate: Wed Aug 30 17:51:17 2017 +0530
binutils: CVE-2017-12448
Source: git://sourceware.org/git/binutils-gdb.git
MR: 73880
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: 6ef7c8e941d7a1c069b29e4671178c0d02427e3f
Description:
Fix use-after-free error when parsing a corrupt nested archive.
PR 21787
* archive.c (bfd_generic_archive_p): If the bfd does not have the
correct magic bytes at the start, set the error to wrong format
and clear the format selector before returning NULL.
Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
meta/recipes-devtools/binutils/binutils-2.27.inc | 1 +
.../binutils/binutils/CVE-2017-12448.patch | 49 ++++++++++++++++++++++
2 files changed, 50 insertions(+)
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc
index 3c29f66..772df0a 100644
--- a/meta/recipes-devtools/binutils/binutils-2.27.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.27.inc
@@ -53,6 +53,7 @@ SRC_URI = "\
file://CVE-2017-9041_1.patch \
file://CVE-2017-9041_2.patch \
file://CVE-2017-7226.patch \
+ file://CVE-2017-12448.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-12448.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-12448.patch
new file mode 100644
index 0000000..039166c
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-12448.patch
@@ -0,0 +1,49 @@
+commit 909e4e716c4d77e33357bbe9bc902bfaf2e1af24
+Author: Nick Clifton <nickc at redhat.com>
+Date: Wed Jul 19 14:49:12 2017 +0100
+
+ Fix use-after-free error when parsing a corrupt nested archive.
+
+ PR 21787
+ * archive.c (bfd_generic_archive_p): If the bfd does not have the
+ correct magic bytes at the start, set the error to wrong format
+ and clear the format selector before returning NULL.
+
+Upstream-Status: Backport
+
+CVE: CVE-2017-12448
+Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
+
+Index: git/bfd/archive.c
+===================================================================
+--- git.orig/bfd/archive.c 2017-08-30 16:44:10.848601412 +0530
++++ git/bfd/archive.c 2017-08-30 16:44:21.400855758 +0530
+@@ -834,7 +834,12 @@
+ if (strncmp (armag, ARMAG, SARMAG) != 0
+ && strncmp (armag, ARMAGB, SARMAG) != 0
+ && ! bfd_is_thin_archive (abfd))
+- return NULL;
++ {
++ bfd_set_error (bfd_error_wrong_format);
++ if (abfd->format == bfd_archive)
++ abfd->format = bfd_unknown;
++ return NULL;
++ }
+
+ tdata_hold = bfd_ardata (abfd);
+
+Index: git/bfd/ChangeLog
+===================================================================
+--- git.orig/bfd/ChangeLog 2017-08-30 16:44:21.340854320 +0530
++++ git/bfd/ChangeLog 2017-08-30 16:46:48.716143277 +0530
+@@ -1,3 +1,10 @@
++2017-07-19 Nick Clifton <nickc at redhat.com>
++
++ PR 21787
++ * archive.c (bfd_generic_archive_p): If the bfd does not have the
++ correct magic bytes at the start, set the error to wrong format
++ and clear the format selector before returning NULL.
++
+ 2017-04-25 Maciej W. Rozycki <macro at imgtec.com>
+
+ * readelf.c (process_mips_specific): Remove error reporting from
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list