diff options
author | Deepthi Hemraj <Deepthi.Hemraj@windriver.com> | 2023-11-21 03:42:54 -0800 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2023-11-21 05:18:20 -1000 |
commit | 03e6ea59d82e613ba3b5d388fa87317cef982f2b (patch) | |
tree | 7cd40f3c40a99ffe6ec41edbe9c6f0fa1af01d17 | |
parent | 3a9b67f222d6e004a8b56eedca6ff869e9aba710 (diff) | |
download | openembedded-core-contrib-03e6ea59d82e613ba3b5d388fa87317cef982f2b.tar.gz |
binutils: Fix CVE-2022-47007
Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.38.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch | 34 |
2 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index 43cc97f1ef..dc29141812 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -67,5 +67,6 @@ SRC_URI = "\ file://0031-CVE-2022-47695.patch \ file://CVE-2022-48063.patch \ file://0032-CVE-2022-47010.patch \ + file://0033-CVE-2022-47007.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch b/meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch new file mode 100644 index 0000000000..cc6dfe684b --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0033-CVE-2022-47007.patch @@ -0,0 +1,34 @@ +From: Alan Modra <amodra@gmail.com> +Date: Thu, 16 Jun 2022 23:30:41 +0000 (+0930) +Subject: PR29254, memory leak in stab_demangle_v3_arg +X-Git-Tag: binutils-2_39~237 +X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb + +PR29254, memory leak in stab_demangle_v3_arg + + PR 29254 + * stabs.c (stab_demangle_v3_arg): Free dt on failure path. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb] + +CVE: CVE-2022-47007 + +Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> +--- + +diff --git a/binutils/stabs.c b/binutils/stabs.c +index 2b5241637c1..796ff85b86a 100644 +--- a/binutils/stabs.c ++++ b/binutils/stabs.c +@@ -5467,7 +5467,10 @@ stab_demangle_v3_arg (void *dhandle, struct stab_handle *info, + dc->u.s_binary.right, + &varargs); + if (pargs == NULL) +- return NULL; ++ { ++ free (dt); ++ return NULL; ++ } + + return debug_make_function_type (dhandle, dt, pargs, varargs); + } |