diff options
| author |   Armin Kuster <akuster808@gmail.com> | 2019-08-31 14:15:49 -0700 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-09-01 22:38:05 +0100 |
| commit | af761de211ecdcb358c6412f9e7e3398b7525cf2 (patch) | |
| tree | 65740c4cde5c1a778850b282f3baf4eb6711a501 /meta/recipes-devtools/gcc | |
| parent | 11f4bf5ace2e6c0baf0eebbab128d4867139249d (diff) | |
| download | openembedded-core-contrib-af761de211ecdcb358c6412f9e7e3398b7525cf2.tar.gz | |
gcc-9.2: Security fix for CVE-2019-14250
Affects: <= 9.2
Signed-off-by: Armin Kuster <Akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/gcc')
| -rw-r--r-- | meta/recipes-devtools/gcc/gcc-9.2.inc | 1 | ||||
| -rw-r--r-- | meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch | 44 |
2 files changed, 45 insertions, 0 deletions
diff --git a/meta/recipes-devtools/gcc/gcc-9.2.inc b/meta/recipes-devtools/gcc/gcc-9.2.inc index 1c3e200dab..01d3bf0f32 100644 --- a/meta/recipes-devtools/gcc/gcc-9.2.inc +++ b/meta/recipes-devtools/gcc/gcc-9.2.inc @@ -64,6 +64,7 @@ SRC_URI = "\ file://0034-fix-segmentation-fault-in-precompiled-header-generat.patch \ file://0035-Fix-for-testsuite-failure.patch \ file://0036-Re-introduce-spe-commandline-options.patch \ + file://CVE-2019-14250.patch \ " S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}" SRC_URI[md5sum] = "3818ad8600447f05349098232c2ddc78" diff --git a/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch b/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch new file mode 100644 index 0000000000..65ea34558a --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch @@ -0,0 +1,44 @@ +From 517b211a3d78366ca8d5929f580e8ca72fd2c004 Mon Sep 17 00:00:00 2001 +From: rguenth <rguenth@138bc75d-0d04-0410-961f-82ee72b054a4> +Date: Thu, 25 Jul 2019 10:46:54 +0000 +Subject: [PATCH] 2019-07-25 Richard Biener <rguenther@suse.de> + + PR lto/90924 + Backport from mainline + 2019-07-12 Ren Kimura <rkx1209dev@gmail.com> + + * simple-object-elf.c (simple_object_elf_match): Check zero value + shstrndx. + + +git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-9-branch@273793 138bc75d-0d04-0410-961f-82ee72b054a4 + +Upstream-Status: Backport +Affectes: < 9.2 +CVE: CVE-2019-14250 +Dropped changelog +Signed-off-by: Armin Kuster <Akustre@mvista.com> + +--- + libiberty/simple-object-elf.c | 8 ++++++++ + 2 files changed, 17 insertions(+) + +Index: gcc-9.2.0/libiberty/simple-object-elf.c +=================================================================== +--- gcc-9.2.0.orig/libiberty/simple-object-elf.c ++++ gcc-9.2.0/libiberty/simple-object-elf.c +@@ -557,6 +557,14 @@ simple_object_elf_match (unsigned char h + return NULL; + } + ++ if (eor->shstrndx == 0) ++ { ++ *errmsg = "invalid ELF shstrndx == 0"; ++ *err = 0; ++ XDELETE (eor); ++ return NULL; ++ } ++ + return (void *) eor; + } + |