[oe-commits] [openembedded-core] 13/51: binutils: CVE-2017-7225
git at git.openembedded.org
git at git.openembedded.org
Sun Jan 7 17:11:22 UTC 2018
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch morty
in repository openembedded-core.
commit ba01ee6899c8d36e6469f6d02d40866fb0502af9
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
AuthorDate: Mon Sep 4 13:59:36 2017 +0530
binutils: CVE-2017-7225
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74296
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: d2cf3ab15c89351c941c92e4cdf28c2bfa9dcda8
Description:
Fix seg-fault running addr2line on a corrupt binary.
PR binutils/20891
* aoutx.h (find_nearest_line): Handle the case where the main file
name and the directory name are both empty.
Affects: <= 2.29
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
meta/recipes-devtools/binutils/binutils-2.27.inc | 1 +
.../binutils/binutils/CVE-2017-7225.patch | 66 ++++++++++++++++++++++
2 files changed, 67 insertions(+)
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc
index 82b9be7..4833552 100644
--- a/meta/recipes-devtools/binutils/binutils-2.27.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.27.inc
@@ -61,6 +61,7 @@ SRC_URI = "\
file://CVE-2017-12450_12452_12453_12454_12456.patch \
file://CVE-2017-7223.patch \
file://CVE-2017-7224.patch \
+ file://CVE-2017-7225.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-7225.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-7225.patch
new file mode 100644
index 0000000..699905a
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-7225.patch
@@ -0,0 +1,66 @@
+commit 50455f1ab2935f7321215dfa681745c9b1cb5b19
+Author: Nick Clifton <nickc at redhat.com>
+Date: Thu Dec 1 10:15:07 2016 +0000
+
+ Fix seg-fault running addr2line on a corrupt binary.
+
+ PR binutils/20891
+ * aoutx.h (find_nearest_line): Handle the case where the main file
+ name and the directory name are both empty.
+
+Upstream-Status: backport
+
+CVE: CVE-2017-7225
+Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
+
+Index: git/bfd/ChangeLog
+===================================================================
+--- git.orig/bfd/ChangeLog 2017-09-04 13:04:20.941485636 +0530
++++ git/bfd/ChangeLog 2017-09-04 13:08:05.003175703 +0530
+@@ -120,6 +120,12 @@
+ * peicode.h (pe_ILF_object_p): Use strnlen to avoid running over
+ the end of the string buffer.
+
++2016-12-01 Nick Clifton <nickc at redhat.com>
++
++ PR binutils/20891
++ * aoutx.h (find_nearest_line): Handle the case where the main file
++ name and the directory name are both empty.
++
+ PR binutils/20892
+ * aoutx.h (find_nearest_line): Handle the case where the function
+ name is empty.
+Index: git/bfd/aoutx.h
+===================================================================
+--- git.orig/bfd/aoutx.h 2017-09-04 13:04:20.941485636 +0530
++++ git/bfd/aoutx.h 2017-09-04 13:10:55.856441243 +0530
+@@ -2663,7 +2663,7 @@
+ char *buf;
+
+ *filename_ptr = abfd->filename;
+- *functionname_ptr = 0;
++ *functionname_ptr = NULL;
+ *line_ptr = 0;
+ if (disriminator_ptr)
+ *disriminator_ptr = 0;
+@@ -2808,9 +2808,17 @@
+ *filename_ptr = main_file_name;
+ else
+ {
+- sprintf (buf, "%s%s", directory_name, main_file_name);
+- *filename_ptr = buf;
+- buf += filelen + 1;
++ if (buf == NULL)
++ /* PR binutils/20891: In a corrupt input file both
++ main_file_name and directory_name can be empty... */
++ * filename_ptr = NULL;
++ else
++ {
++ snprintf (buf, filelen + 1, "%s%s", directory_name,
++ main_file_name);
++ *filename_ptr = buf;
++ buf += filelen + 1;
++ }
+ }
+ }
+
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list