diff options
| author |   Thiruvadi Rajaraman <trajaraman@mvista.com> | 2017-09-20 13:52:00 +0530 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-01-07 17:09:46 +0000 |
| commit | 1e19e656a97caf61f26ab4f52339b9413d3bb29f (patch) | |
| tree | aca163b6b52cacf34a1acd596debe0d2b0994a12 /meta/recipes-devtools/binutils/binutils-2.27.inc | |
| parent | 0d6e08ffc4760947653ad9368d594074d506f697 (diff) | |
| download | openembedded-core-contrib-1e19e656a97caf61f26ab4f52339b9413d3bb29f.tar.gz | |
binutils: CVE-2017-8398
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74127
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 410078b468de6dc1c908342283a6abe5bdf38d54
Description:
Fix heap-buffer overflow bugs caused when dumping debug information from a corrupt binary.
PR binutils/21438
* dwarf.c (process_extended_line_op): Do not assume that the
string extracted from the section is NUL terminated.
(fetch_indirect_string): If the string retrieved from the section
is not NUL terminated, return an error message.
(fetch_indirect_line_string): Likewise.
(fetch_indexed_string): Likewise.
Affects: <= 2.29
Author: Nick Clifton <nickc@redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/recipes-devtools/binutils/binutils-2.27.inc')
| -rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.27.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc index a455b0192c..35e26fc0dd 100644 --- a/meta/recipes-devtools/binutils/binutils-2.27.inc +++ b/meta/recipes-devtools/binutils/binutils-2.27.inc @@ -75,6 +75,7 @@ SRC_URI = "\ file://CVE-2017-8421.patch \ file://CVE-2017-8394_1.patch \ file://CVE-2017-8394.patch \ + file://CVE-2017-8398.patch \ " S = "${WORKDIR}/git" |