[OE-core] [PATCH] gdb: Fix CVE-2019-1010180
Vinay Kumar
vinay.m.engg at gmail.com
Thu Oct 31 10:23:16 UTC 2019
Backport the upstream fix. that was not present in master.
Signed-off-by: Vinay Kumar <vinay.m.engg at gmail.com>
Upstream-Status: Pending
---
meta/recipes-devtools/gdb/gdb-8.3.1.inc | 1 +
.../gdb/gdb/CVE-2019-1010180.patch | 34 ++++++++++++++++++++++
2 files changed, 35 insertions(+)
create mode 100644 meta/recipes-devtools/gdb/gdb/CVE-2019-1010180.patch
diff --git a/meta/recipes-devtools/gdb/gdb-8.3.1.inc b/meta/recipes-devtools/gdb/gdb-8.3.1.inc
index 39f1c48..aec913f 100644
--- a/meta/recipes-devtools/gdb/gdb-8.3.1.inc
+++ b/meta/recipes-devtools/gdb/gdb-8.3.1.inc
@@ -16,6 +16,7 @@ SRC_URI = "${GNU_MIRROR}/gdb/gdb-${PV}.tar.xz \
file://0009-Change-order-of-CFLAGS.patch \
file://0010-resolve-restrict-keyword-conflict.patch \
file://0011-Fix-invalid-sigprocmask-call.patch \
+ file://CVE-2019-1010180.patch \
"
SRC_URI[md5sum] = "73b6a5d8141672c62bf851cd34c4aa83"
SRC_URI[sha256sum] = "1e55b4d7cdca7b34be12f4ceae651623aa73b2fd640152313f9f66a7149757c4"
diff --git a/meta/recipes-devtools/gdb/gdb/CVE-2019-1010180.patch b/meta/recipes-devtools/gdb/gdb/CVE-2019-1010180.patch
new file mode 100644
index 0000000..6e52024
--- /dev/null
+++ b/meta/recipes-devtools/gdb/gdb/CVE-2019-1010180.patch
@@ -0,0 +1,34 @@
+diff --git a/gdb/ChangeLog b/gdb/ChangeLog
+index 961a2e2..1dfb0cb 100644
+--- a/gdb/ChangeLog
++++ b/gdb/ChangeLog
+@@ -1,3 +1,9 @@
++2019-10-16 Keith Seitz <keiths at redhat.com>
++
++ PR gdb/23567
++ * dwarf2read.c (dwarf2_per_objfile::locate_sections): Discard
++ sections whose size is greater than the file size.
++
+ 2019-09-20 Joel Brobecker <brobecker at adacore.com>
+
+ * version.in: Set GDB version number to 8.3.1.
+diff --git a/gdb/dwarf2read.c b/gdb/dwarf2read.c
+index 4251ed0..fafdb89 100644
+--- a/gdb/dwarf2read.c
++++ b/gdb/dwarf2read.c
+@@ -2378,6 +2378,15 @@ dwarf2_per_objfile::locate_sections (bfd *abfd, asection *sectp,
+ if ((aflag & SEC_HAS_CONTENTS) == 0)
+ {
+ }
++ else if (elf_section_data (sectp)->this_hdr.sh_size
++ > bfd_get_file_size (abfd))
++ {
++ bfd_size_type size = elf_section_data (sectp)->this_hdr.sh_size;
++ warning (_("Discarding section %s which has a section size (%s"
++ ") larger than the file size [in module %s]"),
++ bfd_section_name (abfd, sectp), phex_nz (size, sizeof (size)),
++ bfd_get_filename (abfd));
++ }
+ else if (section_is_p (sectp->name, &names.info))
+ {
+ this->info.s.section = sectp;
--
2.7.4
More information about the Openembedded-core
mailing list