helium-3rd-party/poky
1
0
Fork 0
mirror of git://git.yoctoproject.org/poky synced 2026-04-02 02:49:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

binutils: Security fix for CVE-2017-14940

Browse Source 
Affects: <= 2.29.1

(From OE-Core rev: 59deda9b709640030bc0199e34e39fa07cfcca69)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Armin Kuster 2018-08-06 18:00:44 -07:00 committed by Richard Purdie
parent bc5c5f19b6
commit bc0ca9fb89
2 changed files with 48 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
meta/recipes-devtools/binutils/binutils-2.29.1.inc
View File

@ -43,6 +43,7 @@ SRC_URI = "\
file://CVE-2017-14934.patch \
file://CVE-2017-14938.patch \
file://CVE-2017-14939.patch \
file://CVE-2017-14940.patch \
"
S = "${WORKDIR}/git"

47
meta/recipes-devtools/binutils/binutils/CVE-2017-14940.patch Normal file
View File

@ -0,0 +1,47 @@
From 0d76029f92182c3682d8be2c833d45bc9a2068fe Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Sun, 24 Sep 2017 14:35:33 +0930
Subject: [PATCH] PR22167, NULL pointer dereference in scan_unit_for_symbols
PR 22167
* dwarf2.c (scan_unit_for_symbols): Check u.blk->data is non-NULL.
Upstream-Status: Backport
Affects: <= 2.29.1
CVE: CVE-2017-14940
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
bfd/ChangeLog | 5 +++++
bfd/dwarf2.c | 3 ++-
2 files changed, 7 insertions(+), 1 deletion(-)
Index: git/bfd/dwarf2.c
===================================================================
--- git.orig/bfd/dwarf2.c
+++ git/bfd/dwarf2.c
@@ -3202,7 +3202,8 @@ scan_unit_for_symbols (struct comp_unit
case DW_FORM_block2:
case DW_FORM_block4:
case DW_FORM_exprloc:
- if (*attr.u.blk->data == DW_OP_addr)
+ if (attr.u.blk->data != NULL
+ && *attr.u.blk->data == DW_OP_addr)
{
var->stack = 0;
Index: git/bfd/ChangeLog
===================================================================
--- git.orig/bfd/ChangeLog
+++ git/bfd/ChangeLog
@@ -1,5 +1,10 @@
2017-09-24 Alan Modra <amodra@gmail.com>
+ PR 22167
+ * dwarf2.c (scan_unit_for_symbols): Check u.blk->data is non-NULL.
+
+2017-09-24 Alan Modra <amodra@gmail.com>
+
PR 22169
* dwarf2.c (decode_line_info): Correct .debug_line unit_length check.