[oe-commits] [openembedded-core] 17/51: binutils: CVE-2017-7303
git at git.openembedded.org
git at git.openembedded.org
Sun Jan 7 17:11:26 UTC 2018
This is an automated email from the git hooks/post-receive script.
rpurdie pushed a commit to branch morty
in repository openembedded-core.
commit ef1a98976886560396a514458edb80a21f09b808
Author: Thiruvadi Rajaraman <trajaraman at mvista.com>
AuthorDate: Mon Sep 4 16:44:08 2017 +0530
binutils: CVE-2017-7303
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74205
Type: Security Fix
Disposition: Backport from binutils-2_28-branch
ChangeID: db5bfb63661d39846c3b03353e1383c621759d48
Description:
Fix seg-fault attempting to strip a corrupt binary.
PR binutils/20922
* elf.c (find_link): Check for null headers before attempting to
match them.
Affects: <= 2.28
Author: Nick Clifton <nickc at redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman at mvista.com>
Reviewed-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster at mvista.com>
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
meta/recipes-devtools/binutils/binutils-2.27.inc | 1 +
.../binutils/binutils/CVE-2017-7303.patch | 55 ++++++++++++++++++++++
2 files changed, 56 insertions(+)
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc
index 936cdc3..b60aa8a 100644
--- a/meta/recipes-devtools/binutils/binutils-2.27.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.27.inc
@@ -65,6 +65,7 @@ SRC_URI = "\
file://CVE-2017-7227.patch \
file://CVE-2017-7301.patch \
file://CVE-2017-7302.patch \
+ file://CVE-2017-7303.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-7303.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-7303.patch
new file mode 100644
index 0000000..59a3b17
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-7303.patch
@@ -0,0 +1,55 @@
+commit a55c9876bb111fd301b4762cf501de0040b8f9db
+Author: Nick Clifton <nickc at redhat.com>
+Date: Mon Dec 5 13:35:50 2016 +0000
+
+ Fix seg-fault attempting to strip a corrupt binary.
+
+ PR binutils/20922
+ * elf.c (find_link): Check for null headers before attempting to
+ match them.
+
+Upstream-Status: Backport
+
+CVE: CVE-2017-7303
+Signed-off-by: Thiruvadi Rajaraman <tarjaraman at mvista.com>
+
+Index: git/bfd/ChangeLog
+===================================================================
+--- git.orig/bfd/ChangeLog 2017-09-04 16:06:08.996688391 +0530
++++ git/bfd/ChangeLog 2017-09-04 16:09:26.810320541 +0530
+@@ -124,6 +124,10 @@
+ (aout_link_add_symbols): Fix off by one error checking for
+ overflow of string offset.
+
++ PR binutils/20922
++ * elf.c (find_link): Check for null headers before attempting to
++ match them.
++
+ PR binutils/20921
+ * aoutx.h (squirt_out_relocs): Check for and report any relocs
+ that could not be recognised.
+Index: git/bfd/elf.c
+===================================================================
+--- git.orig/bfd/elf.c 2017-09-04 16:05:55.612577527 +0530
++++ git/bfd/elf.c 2017-09-04 16:08:35.709900050 +0530
+@@ -1249,13 +1249,19 @@
+ Elf_Internal_Shdr ** oheaders = elf_elfsections (obfd);
+ unsigned int i;
+
+- if (section_match (oheaders[hint], iheader))
++ BFD_ASSERT (iheader != NULL);
++
++ /* See PR 20922 for a reproducer of the NULL test. */
++ if (oheaders[hint] != NULL
++ && section_match (oheaders[hint], iheader))
+ return hint;
+
+ for (i = 1; i < elf_numsections (obfd); i++)
+ {
+ Elf_Internal_Shdr * oheader = oheaders[i];
+
++ if (oheader == NULL)
++ continue;
+ if (section_match (oheader, iheader))
+ /* FIXME: Do we care if there is a potential for
+ multiple matches ? */
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the Openembedded-commits
mailing list