From 4bc6bb36dba96a534998928959acf637f9360775 Mon Sep 17 00:00:00 2001
From: Pgowda
Date: Wed, 29 Jun 2022 10:54:39 +0530
Subject: binutils : CVE-2019-1010204
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d]
Signed-off-by: Pgowda
Signed-off-by: Alexandre Belloni
Signed-off-by: Richard Purdie
(cherry picked from commit 0c55355a83130c2c0a59e9fb94f8914499943dd4)
Signed-off-by: Steve Sakoman
---
 meta/recipes-devtools/binutils/binutils-2.38.inc | 1 +
 .../binutils/binutils/0014-CVE-2019-1010204.patch | 49 ++++++++++++++++++++++
 2 files changed, 50 insertions(+)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc
index dc0a2a4054..a069071c97 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -32,5 +32,6 @@ SRC_URI = "\
 file://0011-sync-with-OE-libtool-changes.patch \
 file://0012-Check-for-clang-before-checking-gcc-version.patch \
 file://0013-Avoid-as-info-race-condition.patch \
+ file://0014-CVE-2019-1010204.patch \
 "
 S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch b/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch
new file mode 100644
index 0000000000..dad4a62038
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0014-CVE-2019-1010204.patch
@@ -0,0 +1,49 @@
+From 2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d Mon Sep 17 00:00:00 2001
+From: Nick Clifton
+Date: Mon, 27 Jun 2022 13:07:40 +0100
+Subject: [PATCH] Have gold's File_read::do_read() function check the start
+ parameter
+
+ PR 23765
+ * fileread.cc (File_read::do_read): Check start parameter before
+ computing number of bytes to read.
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2a4fc266dbf77ed7ab83da16468e9ba627b8bc2d]
+
+Signed-off-by: Pgowda
+---
+ gold/ChangeLog | 6 ++++++
+ gold/fileread.cc | 6 ++++++
+ 2 files changed, 12 insertions(+)
+
+diff --git a/gold/ChangeLog b/gold/ChangeLog
+index 5103dab7b67..8557dc6db7f 100644
+--- a/gold/ChangeLog
++++ b/gold/ChangeLog
+@@ -1,3 +1,9 @@
++2022-06-27 Nick Clifton
++
++ PR 23765
++ * fileread.cc (File_read::do_read): Check start parameter before
++ computing number of bytes to read.
++
+ 2022-02-17 Nick Clifton
+
+ * po/sr.po: Updated Serbian translation.
+diff --git a/gold/fileread.cc b/gold/fileread.cc
+index 2b653f78c2e..af2df215468 100644
+--- a/gold/fileread.cc
++++ b/gold/fileread.cc
+@@ -385,6 +385,12 @@ File_read::do_read(off_t start, section_
+ ssize_t bytes;
+ if (this->whole_file_view_ != NULL)
+ {
++ // See PR 23765 for an example of a testcase that triggers this error.
++ if (((ssize_t) start) < 0)
++ gold_fatal(_("%s: read failed, starting offset (%#llx) less than zero"),
++ this->filename().c_str(),
++ static_cast(start));
++
+ bytes = this->size_ - start;
+ if (static_cast(bytes) >= size)
+ {
-- cgit 1.2.3-korg
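Review bot: The added guard in `File_read::do_read` rejects only a negative `start`; a `start` larger than `this->size_` still makes `bytes = this->size_ - start` negative, and if the cast on the following line targets an unsigned type (its template argument is lost in this rendering) the `>= size` test passes with an offset past the end of the whole-file view. Bounding the other side in the same place, e.g. `if (start < 0 || start > this->size_)`, would close that and also drop the C-style `(ssize_t)` cast, which can truncate where `off_t` is wider than `ssize_t`. The body of the `>= size` branch lies outside the hunk, so how `start` is used there should be confirmed before relying on this check alone. Since this is a backport, any extra bound should be proposed upstream first rather than diverging here; the embedded patch header could also carry a `CVE: CVE-2019-1010204` tag next to `Upstream-Status`.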