diff options
| author |   Hongxu Jia <hongxu.jia@windriver.com> | 2014-05-28 16:49:57 +0800 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-06-03 16:45:05 +0100 |
| commit | d9c7a02240ce37d5b2569d9177e8ba534b9295ce (patch) | |
| tree | 4bc28791245ebcdc7d64ba2aa6a287c73838ddcb /meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch | |
| parent | d9d7b0515fcf47c4cf7533a12915ea92298ce834 (diff) | |
| download | openembedded-core-contrib-d9c7a02240ce37d5b2569d9177e8ba534b9295ce.tar.gz | |
elfutils: upgrade to 0.158
Add 'm4-biarch.m4-tweak-AC_RUN_IFELSE-for-cross-compiling.patch' to fix cross compiling failure;
Rebase 'elf_additions.diff' for 0.158;
Drop obsolete patches:
- nm-Fix-size-passed-to-snprintf-for-invalid-sh_name-case.patch
- elfutils-ar-c-fix-num-passed-to-memset.patch
- fix-build-gcc-4.8.patch
Pick patches from debian:
http://ftp.de.debian.org/debian/pool/main/e/elfutils/elfutils_0.158-2.debian.tar.xz
We could not directly add elfutils_0.158-2.debian.tar.xz to SRC_URI, because it
contains other souce codes which are not pathces.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch')
| -rw-r--r-- | meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch b/meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch new file mode 100644 index 0000000000..6c44314589 --- /dev/null +++ b/meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch @@ -0,0 +1,35 @@ +From 7f1eec317db79627b473c5b149a22a1b20d1f68f Mon Sep 17 00:00:00 2001 +From: Mark Wielaard <mjw@redhat.com> +Date: Wed, 9 Apr 2014 11:33:23 +0200 +Subject: [PATCH] CVE-2014-0172 Check for overflow before calling malloc to + uncompress data. + +https://bugzilla.redhat.com/show_bug.cgi?id=1085663 + +Reported-by: Florian Weimer <fweimer@redhat.com> +Signed-off-by: Mark Wielaard <mjw@redhat.com> + +Index: elfutils-0.158/libdw/dwarf_begin_elf.c +=================================================================== +--- elfutils-0.158.orig/libdw/dwarf_begin_elf.c 2014-05-01 17:10:01.928213292 +0000 ++++ elfutils-0.158/libdw/dwarf_begin_elf.c 2014-05-01 17:10:01.924213375 +0000 +@@ -1,5 +1,5 @@ + /* Create descriptor from ELF descriptor for processing file. +- Copyright (C) 2002-2011 Red Hat, Inc. ++ Copyright (C) 2002-2011, 2014 Red Hat, Inc. + This file is part of elfutils. + Written by Ulrich Drepper <drepper@redhat.com>, 2002. + +@@ -289,6 +289,12 @@ + memcpy (&size, data->d_buf + 4, sizeof size); + size = be64toh (size); + ++ /* Check for unsigned overflow so malloc always allocated ++ enough memory for both the Elf_Data header and the ++ uncompressed section data. */ ++ if (unlikely (sizeof (Elf_Data) + size < size)) ++ break; ++ + Elf_Data *zdata = malloc (sizeof (Elf_Data) + size); + if (unlikely (zdata == NULL)) + break; |