From c992868a989926eac6c4b78a6bb9729bce54f2ed Mon Sep 17 00:00:00 2001 From: Li xin Date: Thu, 22 Jan 2015 14:41:20 +0800 Subject: elfutils_0.148.bb: CVE-2014-9447 fix Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9447 Signed-off-by: Li Xin Signed-off-by: Ross Burton --- .../elf_begin.c-CVE-2014-9447-fix.patch | 36 ++++++++++++++++++++++ meta/recipes-devtools/elfutils/elfutils_0.148.bb | 23 +++++++------- 2 files changed, 48 insertions(+), 11 deletions(-) create mode 100644 meta/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch diff --git a/meta/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch b/meta/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch new file mode 100644 index 0000000000..84e8ddcca7 --- /dev/null +++ b/meta/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch @@ -0,0 +1,36 @@ +From 323ca04a0c9189544075c19b49da67f6443a8950 Mon Sep 17 00:00:00 2001 +From: Li xin +Date: Wed, 21 Jan 2015 09:33:38 +0900 +Subject: [PATCH] elf_begin.c: CVE-2014-9447 fix + +this patch is from: + https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e + +Upstream-Status: Backport + +Signed-off-by: Li Xin +--- + libelf/elf_begin.c | 7 ++----- + 1 file changed, 2 insertions(+), 5 deletions(-) + +diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c +index e46add3..e83ba35 100644 +--- a/libelf/elf_begin.c ++++ b/libelf/elf_begin.c +@@ -736,11 +736,8 @@ read_long_names (Elf *elf) + break; + + /* NUL-terminate the string. */ +- *runp = '\0'; +- +- /* Skip the NUL byte and the \012. */ +- runp += 2; +- ++ *runp++ = '\0'; ++ + /* A sanity check. Somebody might have generated invalid + archive. */ + if (runp >= newp + len) +-- +1.8.4.2 + diff --git a/meta/recipes-devtools/elfutils/elfutils_0.148.bb b/meta/recipes-devtools/elfutils/elfutils_0.148.bb index ab956390b3..5e75f129a4 100644 --- a/meta/recipes-devtools/elfutils/elfutils_0.148.bb +++ b/meta/recipes-devtools/elfutils/elfutils_0.148.bb @@ -8,7 +8,7 @@ DEPENDS = "libtool bzip2 zlib virtual/libintl" PR = "r11" -SRC_URI = "https://fedorahosted.org/releases/e/l/elfutils/elfutils-${PV}.tar.bz2" +SRC_URI = "https://fedorahosted.org/releases/e/l/${PN}/${BP}.tar.bz2" SRC_URI[md5sum] = "a0bed1130135f17ad27533b0034dba8d" SRC_URI[sha256sum] = "8aebfa4a745db21cf5429c9541fe482729b62efc7e53e9110151b4169fe887da" @@ -25,14 +25,15 @@ SRC_URI += "\ file://m68k_backend.diff \ file://testsuite-ignore-elflint.diff \ file://elf_additions.diff \ - file://elfutils-fsize.patch \ - file://remove-unused.patch \ - file://mempcpy.patch \ - file://fix_for_gcc-4.7.patch \ - file://dso-link-change.patch \ - file://nm-Fix-size-passed-to-snprintf-for-invalid-sh_name-case.patch \ - file://elfutils-ar-c-fix-num-passed-to-memset.patch \ - file://Fix_elf_cvt_gunhash.patch \ + file://elfutils-fsize.patch \ + file://remove-unused.patch \ + file://mempcpy.patch \ + file://fix_for_gcc-4.7.patch \ + file://dso-link-change.patch \ + file://nm-Fix-size-passed-to-snprintf-for-invalid-sh_name-case.patch \ + file://elfutils-ar-c-fix-num-passed-to-memset.patch \ + file://Fix_elf_cvt_gunhash.patch \ + file://elf_begin.c-CVE-2014-9447-fix.patch \ " # Only apply when building uclibc based target recipe SRC_URI_append_libc-uclibc = " file://uclibc-support.patch" @@ -52,9 +53,9 @@ EXTRA_OECONF_append_class-native = " --without-bzlib" EXTRA_OECONF_append_libc-uclibc = " --enable-uclibc" do_configure_prepend() { - sed -i '/^i386_dis.h:/,+4 {/.*/d}' ${S}/libcpu/Makefile.am + sed -i '/^i386_dis.h:/,+4 {/.*/d}' ${S}/libcpu/Makefile.am - cp ${WORKDIR}/*dis.h ${S}/libcpu + cp ${WORKDIR}/*dis.h ${S}/libcpu } # we can not build complete elfutils when using uclibc -- cgit 1.2.3-korg