[oe-commits] [openembedded-core] 06/51: binutils: CVE-2017-7226
git at git.openembedded.org
git at git.openembedded.org
Sun Jan 7 17:11:15 UTC 2018
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch morty
in repository openembedded-core.
commit abc9e4eebafac084bee054954bd93288cd1d0a8c
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
AuthorDate: Wed Aug 23 14:06:58 2017 +0530
binutils: CVE-2017-7226
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74283
Type: Security Fix
Disposition: Backport from binutils_v2_28
ChangeID: 82097a4b98d3d576e1b1bfb7ac9ae17fd153c909
Description:
Use strnlen to avoid running over the end of the string buffer.
Affects: <= 2.28
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
meta/recipes-devtools/binutils/binutils-2.27.inc | 1 +
.../binutils/binutils/CVE-2017-7226.patch | 42 ++++++++++++++++++++++
2 files changed, 43 insertions(+)
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc
index 3f8a5fe..3c29f66 100644
--- a/meta/recipes-devtools/binutils/binutils-2.27.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.27.inc
@@ -52,6 +52,7 @@ SRC_URI = "\
file://CVE-2017-9040_and_9042.patch \
file://CVE-2017-9041_1.patch \
file://CVE-2017-9041_2.patch \
+ file://CVE-2017-7226.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch
new file mode 100644
index 0000000..7525f34
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch
@@ -0,0 +1,42 @@
+Fix seg-fault in the binutils utilities when reading a corrupt input file.
+
+PR binutils/20905
+* peicode.h (pe_ILF_object_p): Use strnlen to avoid running over
+the end of the string buffer.
+
+Upstream-Status: Backport
+
+CVE: CVE-2017-7226
+Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
+
+Index: git/bfd/ChangeLog
+===================================================================
+--- git.orig/bfd/ChangeLog 2017-08-23 13:59:16.868424171 +0530
++++ git/bfd/ChangeLog 2017-08-23 14:03:22.683013823 +0530
+@@ -39,6 +39,12 @@
+ (bfd_elf_final_link): Only initialize the extended symbol index
+ section if there are extended symbol tables to list.
+
++2016-12-05 Nick Clifton <nickc at redhat.com>
++
++ PR binutils/20905
++ * peicode.h (pe_ILF_object_p): Use strnlen to avoid running over
++ the end of the string buffer.
++
+ 2016-08-02 Nick Clifton <nickc at redhat.com>
+
+ PR ld/17739
+Index: git/bfd/peicode.h
+===================================================================
+--- git.orig/bfd/peicode.h 2017-08-23 13:59:06.948319100 +0530
++++ git/bfd/peicode.h 2017-08-23 13:59:16.920424722 +0530
+@@ -1264,7 +1264,8 @@
+ }
+
+ symbol_name = (char *) ptr;
+- source_dll = symbol_name + strlen (symbol_name) + 1;
++ /* See PR 20905 for an example of where the strnlen is necessary. */
++ source_dll = symbol_name + strnlen (symbol_name, size - 1) + 1;
+
+ /* Verify that the strings are null terminated. */
+ if (ptr[size - 1] != 0
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list