diff options
| -rw-r--r-- | meta/recipes-devtools/gdb/gdb-8.3.1.inc (renamed from meta/recipes-devtools/gdb/gdb-8.3.inc) | 5 | ||||
| -rw-r--r-- | meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.1.bb (renamed from meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.bb) | 0 | ||||
| -rw-r--r-- | meta/recipes-devtools/gdb/gdb-cross_8.3.1.bb (renamed from meta/recipes-devtools/gdb/gdb-cross_8.3.bb) | 0 | ||||
| -rw-r--r-- | meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch | 98 | ||||
| -rw-r--r-- | meta/recipes-devtools/gdb/gdb_8.3.1.bb (renamed from meta/recipes-devtools/gdb/gdb_8.3.bb) | 0 |
5 files changed, 2 insertions, 101 deletions
diff --git a/meta/recipes-devtools/gdb/gdb-8.3.inc b/meta/recipes-devtools/gdb/gdb-8.3.1.inc index 070c17d4a1..39f1c48cc7 100644 --- a/meta/recipes-devtools/gdb/gdb-8.3.inc +++ b/meta/recipes-devtools/gdb/gdb-8.3.1.inc @@ -16,7 +16,6 @@ SRC_URI = "${GNU_MIRROR}/gdb/gdb-${PV}.tar.xz \ file://0009-Change-order-of-CFLAGS.patch \ file://0010-resolve-restrict-keyword-conflict.patch \ file://0011-Fix-invalid-sigprocmask-call.patch \ - file://CVE-2017-9778.patch \ " -SRC_URI[md5sum] = "bbd95b2f9b34621ad7a19a3965476314" -SRC_URI[sha256sum] = "802f7ee309dcc547d65a68d61ebd6526762d26c3051f52caebe2189ac1ffd72e" +SRC_URI[md5sum] = "73b6a5d8141672c62bf851cd34c4aa83" +SRC_URI[sha256sum] = "1e55b4d7cdca7b34be12f4ceae651623aa73b2fd640152313f9f66a7149757c4" diff --git a/meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.bb b/meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.1.bb index 301035940c..301035940c 100644 --- a/meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.bb +++ b/meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.1.bb diff --git a/meta/recipes-devtools/gdb/gdb-cross_8.3.bb b/meta/recipes-devtools/gdb/gdb-cross_8.3.1.bb index 50cf159fdb..50cf159fdb 100644 --- a/meta/recipes-devtools/gdb/gdb-cross_8.3.bb +++ b/meta/recipes-devtools/gdb/gdb-cross_8.3.1.bb diff --git a/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch b/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch deleted file mode 100644 index f142ed00d7..0000000000 --- a/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch +++ /dev/null @@ -1,98 +0,0 @@ -From 6ad3791f095cfc1b0294f62c4b3a524ba735595e Mon Sep 17 00:00:00 2001 -From: Sandra Loosemore <sandra@codesourcery.com> -Date: Thu, 25 Apr 2019 07:27:02 -0700 -Subject: [PATCH] Detect invalid length field in debug frame FDE header. - -GDB was failing to catch cases where a corrupt ELF or core file -contained an invalid length value in a Dwarf debug frame FDE header. -It was checking for buffer overflow but not cases where the length was -negative or caused pointer wrap-around. - -In addition to the additional validity check, this patch cleans up the -multiple signed/unsigned conversions on the length field so that an -unsigned representation is used consistently throughout. - -This patch fixes CVE-2017-9778 and PR gdb/21600. - -2019-04-25 Sandra Loosemore <sandra@codesourcery.com> - Kang Li <kanglictf@gmail.com> - - PR gdb/21600 - - * dwarf2-frame.c (read_initial_length): Be consistent about using - unsigned representation of length. - (decode_frame_entry_1): Likewise. Check for wraparound of - end pointer as well as buffer overflow. - -Upstream-Status: Backport -CVE: CVE-2017-9778 -Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> ---- - gdb/ChangeLog | 10 ++++++++++ - gdb/dwarf2-frame.c | 14 +++++++------- - 2 files changed, 17 insertions(+), 7 deletions(-) - -diff --git a/gdb/ChangeLog b/gdb/ChangeLog -index 1c125de..d028d2b 100644 ---- a/gdb/ChangeLog -+++ b/gdb/ChangeLog -@@ -1,3 +1,13 @@ -+2019-04-25 Sandra Loosemore <sandra@codesourcery.com> -+ Kang Li <kanglictf@gmail.com> -+ -+ PR gdb/21600 -+ -+ * dwarf2-frame.c (read_initial_length): Be consistent about using -+ unsigned representation of length. -+ (decode_frame_entry_1): Likewise. Check for wraparound of -+ end pointer as well as buffer overflow. -+ - 2019-05-11 Joel Brobecker <brobecker@adacore.com> - - * version.in: Set GDB version number to 8.3. -diff --git a/gdb/dwarf2-frame.c b/gdb/dwarf2-frame.c -index 178ac44..dc5d3b3 100644 ---- a/gdb/dwarf2-frame.c -+++ b/gdb/dwarf2-frame.c -@@ -1488,7 +1488,7 @@ static ULONGEST - read_initial_length (bfd *abfd, const gdb_byte *buf, - unsigned int *bytes_read_ptr) - { -- LONGEST result; -+ ULONGEST result; - - result = bfd_get_32 (abfd, buf); - if (result == 0xffffffff) -@@ -1789,7 +1789,7 @@ decode_frame_entry_1 (struct comp_unit *unit, const gdb_byte *start, - { - struct gdbarch *gdbarch = get_objfile_arch (unit->objfile); - const gdb_byte *buf, *end; -- LONGEST length; -+ ULONGEST length; - unsigned int bytes_read; - int dwarf64_p; - ULONGEST cie_id; -@@ -1800,15 +1800,15 @@ decode_frame_entry_1 (struct comp_unit *unit, const gdb_byte *start, - buf = start; - length = read_initial_length (unit->abfd, buf, &bytes_read); - buf += bytes_read; -- end = buf + length; -- -- /* Are we still within the section? */ -- if (end > unit->dwarf_frame_buffer + unit->dwarf_frame_size) -- return NULL; -+ end = buf + (size_t) length; - - if (length == 0) - return end; - -+ /* Are we still within the section? */ -+ if (end <= buf || end > unit->dwarf_frame_buffer + unit->dwarf_frame_size) -+ return NULL; -+ - /* Distinguish between 32 and 64-bit encoded frame info. */ - dwarf64_p = (bytes_read == 12); - --- -2.20.1 - diff --git a/meta/recipes-devtools/gdb/gdb_8.3.bb b/meta/recipes-devtools/gdb/gdb_8.3.1.bb index d70757a151..d70757a151 100644 --- a/meta/recipes-devtools/gdb/gdb_8.3.bb +++ b/meta/recipes-devtools/gdb/gdb_8.3.1.bb |