From 859fb4d9ec6974be9ce755e4ffefd9b199f3604c Mon Sep 17 00:00:00 2001
From: Armin Kuster <akuster808@gmail.com>
Date: Fri, 26 Dec 2014 08:51:53 -0800
Subject: binutils: several security fixes

CVE-2014-8484
CVE-2014-8485
CVE-2014-8501
CVE-2014-8502
CVE-2014-8503
CVE-2014-8504
CVE-2014-8737

and one supporting patch.

[Yocto # 7084]

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 .../binutils/binutils/binutils_CVE-2014-8484.patch | 67 ++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8484.patch

(limited to 'meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8484.patch')

diff --git a/meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8484.patch b/meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8484.patch
new file mode 100644
index 0000000000..e789499477
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8484.patch
@@ -0,0 +1,67 @@
+Upstream-Status: Backport
+
+CVE-2014-8484 fix.
+
+[YOCTO #7084]
+
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+From bd25671c6f202c4a5108883caa2adb24ff6f361f Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Fri, 29 Aug 2014 10:36:29 +0930
+Subject: [PATCH] Report an error for S-records with less than the miniumum
+ size
+
+	* srec.c (srec_scan): Revert last change.  Report an error for
+	S-records with less than the miniumum byte count.
+---
+ bfd/ChangeLog |  5 +++++
+ bfd/srec.c    | 18 +++++++++++++++---
+ 2 files changed, 20 insertions(+), 3 deletions(-)
+
+Index: binutils-2.24/bfd/srec.c
+===================================================================
+--- binutils-2.24.orig/bfd/srec.c
++++ binutils-2.24/bfd/srec.c
+@@ -455,7 +455,7 @@ srec_scan (bfd *abfd)
+ 	  {
+ 	    file_ptr pos;
+ 	    char hdr[3];
+-	    unsigned int bytes;
++	    unsigned int bytes, min_bytes;
+ 	    bfd_vma address;
+ 	    bfd_byte *data;
+ 	    unsigned char check_sum;
+@@ -478,6 +478,19 @@ srec_scan (bfd *abfd)
+ 	      }
+ 
+ 	    check_sum = bytes = HEX (hdr + 1);
++	    min_bytes = 3;
++	    if (hdr[0] == '2' || hdr[0] == '8')
++	      min_bytes = 4;
++	    else if (hdr[0] == '3' || hdr[0] == '7')
++	      min_bytes = 5;
++	    if (bytes < min_bytes)
++	      {
++		(*_bfd_error_handler) (_("%B:%d: byte count %d too small\n"),
++				       abfd, lineno, bytes);
++		bfd_set_error (bfd_error_bad_value);
++		goto error_return;
++	      }
++
+ 	    if (bytes * 2 > bufsize)
+ 	      {
+ 		if (buf != NULL)
+Index: binutils-2.24/bfd/ChangeLog
+===================================================================
+--- binutils-2.24.orig/bfd/ChangeLog
++++ binutils-2.24/bfd/ChangeLog
+@@ -1,3 +1,8 @@
++2014-08-29  Alan Modra  <amodra@gmail.com>
++
++       * srec.c (srec_scan): Revert last change.  Report an error for
++       S-records with less than the miniumum byte count.
++
+ 2013-12-02  Tristan Gingold  <gingold@adacore.com>
+ 
+ 	* configure.in: Bump version to 2.24
-- 
cgit 1.2.3-korg