diff options
Diffstat (limited to 'meta/recipes-devtools')
67 files changed, 6505 insertions, 190 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.29.1.inc b/meta/recipes-devtools/binutils/binutils-2.29.1.inc index 07a72e2b5a..eccb12828e 100644 --- a/meta/recipes-devtools/binutils/binutils-2.29.1.inc +++ b/meta/recipes-devtools/binutils/binutils-2.29.1.inc @@ -18,7 +18,7 @@ BINUPV = "${@binutils_branch_version(d)}" UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)" -SRCREV ?= "90276f15379d380761fc499da2ba24cfb3c12a94" +SRCREV ?= "8efd17cb25686c51b9db6531ae2fbeb2e6ef2399" BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=binutils-${BINUPV}-branch;protocol=git" SRC_URI = "\ ${BINUTILS_GIT_URI} \ @@ -35,6 +35,48 @@ SRC_URI = "\ file://0013-fix-the-incorrect-assembling-for-ppc-wait-mnemonic.patch \ file://0014-Detect-64-bit-MIPS-targets.patch \ file://0015-sync-with-OE-libtool-changes.patch \ + file://CVE-2017-17124.patch \ + file://CVE-2017-14930.patch \ + file://CVE-2017-14932.patch \ + file://CVE-2017-14933_p1.patch \ + file://CVE-2017-14933_p2.patch \ + file://CVE-2017-14934.patch \ + file://CVE-2017-14938.patch \ + file://CVE-2017-14939.patch \ + file://CVE-2017-14940.patch \ + file://CVE-2017-15021.patch \ + file://CVE-2017-15022.patch \ + file://CVE-2017-15023.patch \ + file://CVE-2017-15024.patch \ + file://CVE-2017-15025.patch \ + file://CVE-2017-15225.patch \ + file://CVE-2017-15939.patch \ + file://CVE-2017-15996.patch \ + file://CVE-2017-16826.patch \ + file://CVE-2017-16827.patch \ + file://CVE-2017-16828_p1.patch \ + file://CVE-2017-16828_p2.patch \ + file://CVE-2017-16829.patch \ + file://CVE-2017-16830.patch \ + file://CVE-2017-16831.patch \ + file://CVE-2017-16832.patch \ + file://CVE-2017-17080.patch \ + file://CVE-2017-17121.patch \ + file://CVE-2017-17122.patch \ + file://CVE-2017-17125.patch \ + file://CVE-2017-17123.patch \ + file://CVE-2018-10372.patch \ + file://CVE-2018-10373.patch \ + file://CVE-2018-10534.patch \ + file://CVE-2018-10535.patch \ + file://CVE-2018-13033.patch \ + file://CVE-2018-6323.patch \ + file://CVE-2018-6759.patch \ + file://CVE-2018-7208.patch \ + file://CVE-2018-7568_p1.patch \ + file://CVE-2018-7568_p2.patch \ + file://CVE-2018-7569.patch \ + file://CVE-2018-7642.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14930.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14930.patch new file mode 100644 index 0000000000..bbd267a959 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14930.patch @@ -0,0 +1,53 @@ +From a26a013f22a19e2c16729e64f40ef8a7dfcc086e Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sun, 24 Sep 2017 17:10:14 +0930 +Subject: [PATCH] PR22191, memory leak in dwarf2.c + +table->sequences is a linked list before it is replaced by a bfd_alloc +array in sort_line_sequences. + + PR 22191 + * dwarf2.c (decode_line_info): Properly free line sequences on error. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-14930 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 5 +++++ + bfd/dwarf2.c | 8 ++++++-- + 2 files changed, 11 insertions(+), 2 deletions(-) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -2473,8 +2473,12 @@ decode_line_info (struct comp_unit *unit + return table; + + fail: +- if (table->sequences != NULL) +- free (table->sequences); ++ while (table->sequences != NULL) ++ { ++ struct line_sequence* seq = table->sequences; ++ table->sequences = table->sequences->prev_sequence; ++ free (seq); ++ } + if (table->files != NULL) + free (table->files); + if (table->dirs != NULL) +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,8 @@ ++2017-09-24 Alan Modra <amodra@gmail.com> ++ ++ PR 22191 ++ * dwarf2.c (decode_line_info): Properly free line sequences on error. ++ + 2017-11-28 Nick Clifton <nickc@redhat.com> + + PR 22507 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14932.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14932.patch new file mode 100644 index 0000000000..a436031dc2 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14932.patch @@ -0,0 +1,46 @@ +From e338894dc2e603683bed2172e8e9f25b29051005 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Tue, 26 Sep 2017 09:32:18 +0930 +Subject: [PATCH] PR22204, Lack of DW_LNE_end_sequence causes "infinite" loop + + PR 22204 + * dwarf2.c (decode_line_info): Ensure line_ptr stays within + bounds in inner loop. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-14932 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/dwarf2.c | 2 +- + 2 files changed, 7 insertions(+), 1 deletion(-) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -2269,7 +2269,7 @@ decode_line_info (struct comp_unit *unit + bfd_vma high_pc = 0; + + /* Decode the table. */ +- while (! end_sequence) ++ while (!end_sequence && line_ptr < line_end) + { + op_code = read_1_byte (abfd, line_ptr, line_end); + line_ptr += 1; +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,9 @@ ++2017-09-26 Alan Modra <amodra@gmail.com> ++ ++ PR 22204 ++ * dwarf2.c (decode_line_info): Ensure line_ptr stays within ++ bounds in inner loop. ++ + 2017-09-24 Alan Modra <amodra@gmail.com> + + PR 22191 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14933_p1.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14933_p1.patch new file mode 100644 index 0000000000..9df8138401 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14933_p1.patch @@ -0,0 +1,58 @@ +From 30d0157a2ad64e64e5ff9fcc0dbe78a3e682f573 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 26 Sep 2017 14:37:47 +0100 +Subject: [PATCH] Avoid needless resource usage when processing a corrupt DWARF + directory or file name table. + + PR 22210 + * dwarf2.c (read_formatted_entries): Fail early if we know that + the loop parsing data entries will overflow the end of the + section. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-14933 #1 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 7 +++++++ + bfd/dwarf2.c | 10 ++++++++++ + 2 files changed, 17 insertions(+) + +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,10 @@ ++2017-09-26 Nick Clifton <nickc@redhat.com> ++ ++ PR 22210 ++ * dwarf2.c (read_formatted_entries): Fail early if we know that ++ the loop parsing data entries will overflow the end of the ++ section. ++ + 2017-09-26 Alan Modra <amodra@gmail.com> + + PR 22204 +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -1933,6 +1933,17 @@ read_formatted_entries (struct comp_unit + + data_count = _bfd_safe_read_leb128 (abfd, buf, &bytes_read, FALSE, buf_end); + buf += bytes_read; ++ ++ /* PR 22210. Paranoia check. Don't bother running the loop ++ if we know that we are going to run out of buffer. */ ++ if (data_count > (bfd_vma) (buf_end - buf)) ++ { ++ _bfd_error_handler (_("Dwarf Error: data count (%Lx) larger than buffer size."), ++ data_count); ++ bfd_set_error (bfd_error_bad_value); ++ return FALSE; ++ } ++ + for (datai = 0; datai < data_count; datai++) + { + bfd_byte *format = format_header_data; diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14933_p2.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14933_p2.patch new file mode 100644 index 0000000000..607d92f3d4 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14933_p2.patch @@ -0,0 +1,102 @@ +From 33e0a9a056bd23e923b929a4f2ab049ade0b1c32 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Tue, 26 Sep 2017 23:20:06 +0930 +Subject: [PATCH] Tidy reading data in read_formatted_entries + +Using read_attribute_value accomplishes two things: It checks for +unexpected formats, and ensures the buffer pointer always increments. + + PR 22210 + * dwarf2.c (read_formatted_entries): Use read_attribute_value to + read data. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-14933 #2 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/dwarf2.c | 37 +++++++------------------------------ + 2 files changed, 13 insertions(+), 30 deletions(-) + +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,9 @@ ++2017-09-26 Alan Modra <amodra@gmail.com> ++ ++ PR 22210 ++ * dwarf2.c (read_formatted_entries): Use read_attribute_value to ++ read data. ++ + 2017-09-26 Nick Clifton <nickc@redhat.com> + + PR 22210 +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -1955,6 +1955,7 @@ read_formatted_entries (struct comp_unit + char *string_trash; + char **stringp = &string_trash; + unsigned int uint_trash, *uintp = &uint_trash; ++ struct attribute attr; + + content_type = _bfd_safe_read_leb128 (abfd, format, &bytes_read, + FALSE, buf_end); +@@ -1986,47 +1987,23 @@ read_formatted_entries (struct comp_unit + form = _bfd_safe_read_leb128 (abfd, format, &bytes_read, FALSE, + buf_end); + format += bytes_read; ++ ++ buf = read_attribute_value (&attr, form, 0, unit, buf, buf_end); ++ if (buf == NULL) ++ return FALSE; + switch (form) + { + case DW_FORM_string: +- *stringp = read_string (abfd, buf, buf_end, &bytes_read); +- buf += bytes_read; +- break; +- + case DW_FORM_line_strp: +- *stringp = read_indirect_line_string (unit, buf, buf_end, &bytes_read); +- buf += bytes_read; ++ *stringp = attr.u.str; + break; + + case DW_FORM_data1: +- *uintp = read_1_byte (abfd, buf, buf_end); +- buf += 1; +- break; +- + case DW_FORM_data2: +- *uintp = read_2_bytes (abfd, buf, buf_end); +- buf += 2; +- break; +- + case DW_FORM_data4: +- *uintp = read_4_bytes (abfd, buf, buf_end); +- buf += 4; +- break; +- + case DW_FORM_data8: +- *uintp = read_8_bytes (abfd, buf, buf_end); +- buf += 8; +- break; +- + case DW_FORM_udata: +- *uintp = _bfd_safe_read_leb128 (abfd, buf, &bytes_read, FALSE, +- buf_end); +- buf += bytes_read; +- break; +- +- case DW_FORM_block: +- /* It is valid only for DW_LNCT_timestamp which is ignored by +- current GDB. */ ++ *uintp = attr.u.val; + break; + } + } diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14934.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14934.patch new file mode 100644 index 0000000000..57733f08cf --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14934.patch @@ -0,0 +1,63 @@ +From 19485196044b2521af979f1e5c4a89bfb90fba0b Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Wed, 27 Sep 2017 10:42:51 +0100 +Subject: [PATCH] Prevent an infinite loop in the DWARF parsing code when + encountering a CU structure with a small negative size. + + PR 22219 + * dwarf.c (process_debug_info): Add a check for a negative + cu_length field. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-14934 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + binutils/ChangeLog | 6 ++++++ + binutils/dwarf.c | 11 ++++++++++- + 2 files changed, 16 insertions(+), 1 deletion(-) + +Index: git/binutils/dwarf.c +=================================================================== +--- git.orig/binutils/dwarf.c ++++ git/binutils/dwarf.c +@@ -2547,7 +2547,7 @@ process_debug_info (struct dwarf_section + int level, last_level, saved_level; + dwarf_vma cu_offset; + unsigned int offset_size; +- int initial_length_size; ++ unsigned int initial_length_size; + dwarf_vma signature_high = 0; + dwarf_vma signature_low = 0; + dwarf_vma type_offset = 0; +@@ -2695,6 +2695,15 @@ process_debug_info (struct dwarf_section + num_units = unit; + break; + } ++ else if (compunit.cu_length + initial_length_size < initial_length_size) ++ { ++ warn (_("Debug info is corrupted, length of CU at %s is negative (%s)\n"), ++ dwarf_vmatoa ("x", cu_offset), ++ dwarf_vmatoa ("x", compunit.cu_length)); ++ num_units = unit; ++ break; ++ } ++ + tags = hdrptr; + start += compunit.cu_length + initial_length_size; + +Index: git/binutils/ChangeLog +=================================================================== +--- git.orig/binutils/ChangeLog ++++ git/binutils/ChangeLog +@@ -1,3 +1,9 @@ ++2017-09-27 Nick Clifton <nickc@redhat.com> ++ ++ PR 22219 ++ * dwarf.c (process_debug_info): Add a check for a negative ++ cu_length field. ++ + 2017-11-01 Alan Modra <amodra@gmail.com> + + Apply from master diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14938.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14938.patch new file mode 100644 index 0000000000..e62c73c06d --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14938.patch @@ -0,0 +1,64 @@ +From bd61e135492ecf624880e6b78e5fcde3c9716df6 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sun, 24 Sep 2017 14:34:57 +0930 +Subject: [PATCH] PR22166, SHT_GNU_verneed memory allocation + +The sanity check covers the previous minimim size, plus that the size +is at least enough for sh_info verneed entries. + +Also, since we write all verneed fields or exit with an error, there +isn't any need to zero the memory allocated for verneed entries. + + PR 22166 + * elf.c (_bfd_elf_slurp_version_tables): Test sh_info on + SHT_GNU_verneed section for sanity. Don't zalloc memory for + verref. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-14938 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 7 +++++++ + bfd/elf.c | 5 +++-- + 2 files changed, 10 insertions(+), 2 deletions(-) + +Index: git/bfd/elf.c +=================================================================== +--- git.orig/bfd/elf.c ++++ git/bfd/elf.c +@@ -8198,7 +8198,8 @@ _bfd_elf_slurp_version_tables (bfd *abfd + + hdr = &elf_tdata (abfd)->dynverref_hdr; + +- if (hdr->sh_info == 0 || hdr->sh_size < sizeof (Elf_External_Verneed)) ++ if (hdr->sh_info == 0 ++ || hdr->sh_info > hdr->sh_size / sizeof (Elf_External_Verneed)) + { + error_return_bad_verref: + _bfd_error_handler +@@ -8219,7 +8220,7 @@ error_return_verref: + goto error_return_verref; + + elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) +- bfd_zalloc2 (abfd, hdr->sh_info, sizeof (Elf_Internal_Verneed)); ++ bfd_alloc2 (abfd, hdr->sh_info, sizeof (Elf_Internal_Verneed)); + + if (elf_tdata (abfd)->verref == NULL) + goto error_return_verref; +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,10 @@ ++2017-09-24 Alan Modra <amodra@gmail.com> ++ ++ PR 22166 ++ * elf.c (_bfd_elf_slurp_version_tables): Test sh_info on ++ SHT_GNU_verneed section for sanity. Don't zalloc memory for ++ verref. ++ + 2017-09-26 Alan Modra <amodra@gmail.com> + + PR 22210 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14939.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14939.patch new file mode 100644 index 0000000000..d1e4c3e609 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14939.patch @@ -0,0 +1,56 @@ +From 515f23e63c0074ab531bc954f84ca40c6281a724 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sun, 24 Sep 2017 14:36:16 +0930 +Subject: [PATCH] PR22169, heap-based buffer overflow in read_1_byte + +The .debug_line header length field doesn't include the length field +itself, ie. it's the size of the rest of .debug_line. + + PR 22169 + * dwarf2.c (decode_line_info): Correct .debug_line unit_length check. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-14939 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 5 +++++ + bfd/dwarf2.c | 7 ++++--- + 2 files changed, 9 insertions(+), 3 deletions(-) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -2084,12 +2084,13 @@ decode_line_info (struct comp_unit *unit + offset_size = 8; + } + +- if (unit->line_offset + lh.total_length > stash->dwarf_line_size) ++ if (lh.total_length > (size_t) (line_end - line_ptr)) + { + _bfd_error_handler + /* xgettext: c-format */ +- (_("Dwarf Error: Line info data is bigger (%#Lx) than the space remaining in the section (%#Lx)"), +- lh.total_length, stash->dwarf_line_size - unit->line_offset); ++ (_("Dwarf Error: Line info data is bigger (%#Lx)" ++ " than the space remaining in the section (%#lx)"), ++ lh.total_length, (unsigned long) (line_end - line_ptr)); + bfd_set_error (bfd_error_bad_value); + return NULL; + } +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,4 +1,9 @@ + 2017-09-24 Alan Modra <amodra@gmail.com> ++ ++ PR 22169 ++ * dwarf2.c (decode_line_info): Correct .debug_line unit_length check. ++ ++2017-09-24 Alan Modra <amodra@gmail.com> + + PR 22166 + * elf.c (_bfd_elf_slurp_version_tables): Test sh_info on diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14940.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14940.patch new file mode 100644 index 0000000000..49b0bdc546 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14940.patch @@ -0,0 +1,47 @@ +From 0d76029f92182c3682d8be2c833d45bc9a2068fe Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sun, 24 Sep 2017 14:35:33 +0930 +Subject: [PATCH] PR22167, NULL pointer dereference in scan_unit_for_symbols + + PR 22167 + * dwarf2.c (scan_unit_for_symbols): Check u.blk->data is non-NULL. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-14940 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 5 +++++ + bfd/dwarf2.c | 3 ++- + 2 files changed, 7 insertions(+), 1 deletion(-) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -3202,7 +3202,8 @@ scan_unit_for_symbols (struct comp_unit + case DW_FORM_block2: + case DW_FORM_block4: + case DW_FORM_exprloc: +- if (*attr.u.blk->data == DW_OP_addr) ++ if (attr.u.blk->data != NULL ++ && *attr.u.blk->data == DW_OP_addr) + { + var->stack = 0; + +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,5 +1,10 @@ + 2017-09-24 Alan Modra <amodra@gmail.com> + ++ PR 22167 ++ * dwarf2.c (scan_unit_for_symbols): Check u.blk->data is non-NULL. ++ ++2017-09-24 Alan Modra <amodra@gmail.com> ++ + PR 22169 + * dwarf2.c (decode_line_info): Correct .debug_line unit_length check. + diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15021.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15021.patch new file mode 100644 index 0000000000..caca7b107e --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15021.patch @@ -0,0 +1,48 @@ +From 52b36c51e5bf6d7600fdc6ba115b170b0e78e31d Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sun, 24 Sep 2017 21:36:18 +0930 +Subject: [PATCH] PR22197, buffer overflow in bfd_get_debug_link_info_1 + + PR 22197 + * opncls.c (bfd_get_debug_link_info_1): Properly check that crc is + within section bounds. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-15021 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/opncls.c | 2 +- + 2 files changed, 7 insertions(+), 1 deletion(-) + +Index: git/bfd/opncls.c +=================================================================== +--- git.orig/bfd/opncls.c ++++ git/bfd/opncls.c +@@ -1200,7 +1200,7 @@ bfd_get_debug_link_info_1 (bfd *abfd, vo + /* PR 17597: avoid reading off the end of the buffer. */ + crc_offset = strnlen (name, bfd_get_section_size (sect)) + 1; + crc_offset = (crc_offset + 3) & ~3; +- if (crc_offset >= bfd_get_section_size (sect)) ++ if (crc_offset + 4 > bfd_get_section_size (sect)) + return NULL; + + *crc32 = bfd_get_32 (abfd, contents + crc_offset); +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,5 +1,11 @@ + 2017-09-24 Alan Modra <amodra@gmail.com> + ++ PR 22197 ++ * opncls.c (bfd_get_debug_link_info_1): Properly check that crc is ++ within section bounds. ++ ++2017-09-24 Alan Modra <amodra@gmail.com> ++ + PR 22167 + * dwarf2.c (scan_unit_for_symbols): Check u.blk->data is non-NULL. + diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15022.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15022.patch new file mode 100644 index 0000000000..c9acfa7853 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15022.patch @@ -0,0 +1,61 @@ +From 11855d8a1f11b102a702ab76e95b22082cccf2f8 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Mon, 25 Sep 2017 19:46:34 +0930 +Subject: [PATCH] PR22201, DW_AT_name with out of bounds reference + +DW_AT_name ought to always have a string value. + + PR 22201 + * dwarf2.c (scan_unit_for_symbols): Ignore DW_AT_name unless it + has string form. + (parse_comp_unit): Likewise. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-15022 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 7 +++++++ + bfd/dwarf2.c | 6 ++++-- + 2 files changed, 11 insertions(+), 2 deletions(-) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -3177,7 +3177,8 @@ scan_unit_for_symbols (struct comp_unit + switch (attr.name) + { + case DW_AT_name: +- var->name = attr.u.str; ++ if (is_str_attr (attr.form)) ++ var->name = attr.u.str; + break; + + case DW_AT_decl_file: +@@ -3429,7 +3430,8 @@ parse_comp_unit (struct dwarf2_debug *st + break; + + case DW_AT_name: +- unit->name = attr.u.str; ++ if (is_str_attr (attr.form)) ++ unit->name = attr.u.str; + break; + + case DW_AT_low_pc: +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,10 @@ ++2017-09-25 Alan Modra <amodra@gmail.com> ++ ++ PR 22201 ++ * dwarf2.c (scan_unit_for_symbols): Ignore DW_AT_name unless it ++ has string form. ++ (parse_comp_unit): Likewise. ++ + 2017-09-24 Alan Modra <amodra@gmail.com> + + PR 22197 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15023.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15023.patch new file mode 100644 index 0000000000..9439b7b55f --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15023.patch @@ -0,0 +1,52 @@ +From c361faae8d964db951b7100cada4dcdc983df1bf Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Mon, 25 Sep 2017 19:03:46 +0930 +Subject: [PATCH] PR22200, DWARF5 .debug_line sanity check + +The format_count entry can't be zero unless the count is also zero. + + PR 22200 + * dwarf2.c (read_formatted_entries): Error on format_count zero. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-15023 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 5 +++++ + bfd/dwarf2.c | 7 +++++++ + 2 files changed, 12 insertions(+) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -1934,6 +1934,13 @@ read_formatted_entries (struct comp_unit + data_count = _bfd_safe_read_leb128 (abfd, buf, &bytes_read, FALSE, buf_end); + buf += bytes_read; + ++ if (format_count == 0 && data_count != 0) ++ { ++ _bfd_error_handler (_("Dwarf Error: Zero format count.")); ++ bfd_set_error (bfd_error_bad_value); ++ return FALSE; ++ } ++ + /* PR 22210. Paranoia check. Don't bother running the loop + if we know that we are going to run out of buffer. */ + if (data_count > (bfd_vma) (buf_end - buf)) +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,4 +1,9 @@ + 2017-09-25 Alan Modra <amodra@gmail.com> ++ ++ PR 22200 ++ * dwarf2.c (read_formatted_entries): Error on format_count zero. ++ ++2017-09-25 Alan Modra <amodra@gmail.com> + + PR 22201 + * dwarf2.c (scan_unit_for_symbols): Ignore DW_AT_name unless it diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15024.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15024.patch new file mode 100644 index 0000000000..53b072ebaf --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15024.patch @@ -0,0 +1,227 @@ +From 52a93b95ec0771c97e26f0bb28630a271a667bd2 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sun, 24 Sep 2017 14:37:16 +0930 +Subject: [PATCH] PR22187, infinite loop in find_abstract_instance_name + +This patch prevents the simple case of infinite recursion in +find_abstract_instance_name by ensuring that the attributes being +processed are not the same as the previous call. + +The patch also does a little cleanup, and leaves in place some changes +to the nested_funcs array that I made when I wrongly thought looping +might occur in scan_unit_for_symbols. + + PR 22187 + * dwarf2.c (find_abstract_instance_name): Add orig_info_ptr and + pname param. Return status. Make name const. Don't abort, + return an error. Formatting. Exit if current info_ptr matches + orig_info_ptr. Update callers. + (scan_unit_for_symbols): Start at nesting_level of zero. Make + nested_funcs an array of structs for extensibility. Formatting. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-15024 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 10 ++++++++ + bfd/dwarf2.c | 76 +++++++++++++++++++++++++++++++++++++++-------------------- + 2 files changed, 61 insertions(+), 25 deletions(-) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -2823,9 +2823,11 @@ lookup_symbol_in_variable_table (struct + return FALSE; + } + +-static char * ++static bfd_boolean + find_abstract_instance_name (struct comp_unit *unit, ++ bfd_byte *orig_info_ptr, + struct attribute *attr_ptr, ++ const char **pname, + bfd_boolean *is_linkage) + { + bfd *abfd = unit->abfd; +@@ -2835,7 +2837,7 @@ find_abstract_instance_name (struct comp + struct abbrev_info *abbrev; + bfd_uint64_t die_ref = attr_ptr->u.val; + struct attribute attr; +- char *name = NULL; ++ const char *name = NULL; + + /* DW_FORM_ref_addr can reference an entry in a different CU. It + is an offset from the .debug_info section, not the current CU. */ +@@ -2844,7 +2846,12 @@ find_abstract_instance_name (struct comp + /* We only support DW_FORM_ref_addr within the same file, so + any relocations should be resolved already. */ + if (!die_ref) +- abort (); ++ { ++ _bfd_error_handler ++ (_("Dwarf Error: Abstract instance DIE ref zero.")); ++ bfd_set_error (bfd_error_bad_value); ++ return FALSE; ++ } + + info_ptr = unit->sec_info_ptr + die_ref; + info_ptr_end = unit->end_ptr; +@@ -2879,9 +2886,10 @@ find_abstract_instance_name (struct comp + _bfd_error_handler + (_("Dwarf Error: Unable to read alt ref %u."), die_ref); + bfd_set_error (bfd_error_bad_value); +- return NULL; ++ return FALSE; + } +- info_ptr_end = unit->stash->alt_dwarf_info_buffer + unit->stash->alt_dwarf_info_size; ++ info_ptr_end = (unit->stash->alt_dwarf_info_buffer ++ + unit->stash->alt_dwarf_info_size); + + /* FIXME: Do we need to locate the correct CU, in a similar + fashion to the code in the DW_FORM_ref_addr case above ? */ +@@ -2904,6 +2912,7 @@ find_abstract_instance_name (struct comp + _bfd_error_handler + (_("Dwarf Error: Could not find abbrev number %u."), abbrev_number); + bfd_set_error (bfd_error_bad_value); ++ return FALSE; + } + else + { +@@ -2913,6 +2922,15 @@ find_abstract_instance_name (struct comp + info_ptr, info_ptr_end); + if (info_ptr == NULL) + break; ++ /* It doesn't ever make sense for DW_AT_specification to ++ refer to the same DIE. Stop simple recursion. */ ++ if (info_ptr == orig_info_ptr) ++ { ++ _bfd_error_handler ++ (_("Dwarf Error: Abstract instance recursion detected.")); ++ bfd_set_error (bfd_error_bad_value); ++ return FALSE; ++ } + switch (attr.name) + { + case DW_AT_name: +@@ -2926,7 +2944,9 @@ find_abstract_instance_name (struct comp + } + break; + case DW_AT_specification: +- name = find_abstract_instance_name (unit, &attr, is_linkage); ++ if (!find_abstract_instance_name (unit, info_ptr, &attr, ++ pname, is_linkage)) ++ return FALSE; + break; + case DW_AT_linkage_name: + case DW_AT_MIPS_linkage_name: +@@ -2944,7 +2964,8 @@ find_abstract_instance_name (struct comp + } + } + } +- return name; ++ *pname = name; ++ return TRUE; + } + + static bfd_boolean +@@ -3005,20 +3026,22 @@ scan_unit_for_symbols (struct comp_unit + bfd *abfd = unit->abfd; + bfd_byte *info_ptr = unit->first_child_die_ptr; + bfd_byte *info_ptr_end = unit->stash->info_ptr_end; +- int nesting_level = 1; +- struct funcinfo **nested_funcs; ++ int nesting_level = 0; ++ struct nest_funcinfo { ++ struct funcinfo *func; ++ } *nested_funcs; + int nested_funcs_size; + + /* Maintain a stack of in-scope functions and inlined functions, which we + can use to set the caller_func field. */ + nested_funcs_size = 32; +- nested_funcs = (struct funcinfo **) +- bfd_malloc (nested_funcs_size * sizeof (struct funcinfo *)); ++ nested_funcs = (struct nest_funcinfo *) ++ bfd_malloc (nested_funcs_size * sizeof (*nested_funcs)); + if (nested_funcs == NULL) + return FALSE; +- nested_funcs[nesting_level] = 0; ++ nested_funcs[nesting_level].func = 0; + +- while (nesting_level) ++ while (nesting_level >= 0) + { + unsigned int abbrev_number, bytes_read, i; + struct abbrev_info *abbrev; +@@ -3076,13 +3099,13 @@ scan_unit_for_symbols (struct comp_unit + BFD_ASSERT (!unit->cached); + + if (func->tag == DW_TAG_inlined_subroutine) +- for (i = nesting_level - 1; i >= 1; i--) +- if (nested_funcs[i]) ++ for (i = nesting_level; i-- != 0; ) ++ if (nested_funcs[i].func) + { +- func->caller_func = nested_funcs[i]; ++ func->caller_func = nested_funcs[i].func; + break; + } +- nested_funcs[nesting_level] = func; ++ nested_funcs[nesting_level].func = func; + } + else + { +@@ -3102,12 +3125,13 @@ scan_unit_for_symbols (struct comp_unit + } + + /* No inline function in scope at this nesting level. */ +- nested_funcs[nesting_level] = 0; ++ nested_funcs[nesting_level].func = 0; + } + + for (i = 0; i < abbrev->num_attrs; ++i) + { +- info_ptr = read_attribute (&attr, &abbrev->attrs[i], unit, info_ptr, info_ptr_end); ++ info_ptr = read_attribute (&attr, &abbrev->attrs[i], ++ unit, info_ptr, info_ptr_end); + if (info_ptr == NULL) + goto fail; + +@@ -3126,8 +3150,10 @@ scan_unit_for_symbols (struct comp_unit + + case DW_AT_abstract_origin: + case DW_AT_specification: +- func->name = find_abstract_instance_name (unit, &attr, +- &func->is_linkage); ++ if (!find_abstract_instance_name (unit, info_ptr, &attr, ++ &func->name, ++ &func->is_linkage)) ++ goto fail; + break; + + case DW_AT_name: +@@ -3254,17 +3280,17 @@ scan_unit_for_symbols (struct comp_unit + + if (nesting_level >= nested_funcs_size) + { +- struct funcinfo **tmp; ++ struct nest_funcinfo *tmp; + + nested_funcs_size *= 2; +- tmp = (struct funcinfo **) ++ tmp = (struct nest_funcinfo *) + bfd_realloc (nested_funcs, +- nested_funcs_size * sizeof (struct funcinfo *)); ++ nested_funcs_size * sizeof (*nested_funcs)); + if (tmp == NULL) + goto fail; + nested_funcs = tmp; + } +- nested_funcs[nesting_level] = 0; ++ nested_funcs[nesting_level].func = 0; + } + } + diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15025.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15025.patch new file mode 100644 index 0000000000..ce5315976a --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15025.patch @@ -0,0 +1,47 @@ +From d8010d3e75ec7194a4703774090b27486b742d48 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sun, 24 Sep 2017 14:36:48 +0930 +Subject: [PATCH] PR22186, divide-by-zero in decode_line_info + + PR 22186 + * dwarf2.c (decode_line_info): Fail on lh.line_range of zero + rather than dividing by zero. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-15025 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/dwarf2.c | 2 ++ + 2 files changed, 8 insertions(+) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -2432,6 +2432,8 @@ decode_line_info (struct comp_unit *unit + case DW_LNS_set_basic_block: + break; + case DW_LNS_const_add_pc: ++ if (lh.line_range == 0) ++ goto line_fail; + if (lh.maximum_ops_per_insn == 1) + address += (lh.minimum_instruction_length + * ((255 - lh.opcode_base) / lh.line_range)); +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,10 @@ ++2017-09-24 Alan Modra <amodra@gmail.com> ++ ++ PR 22186 ++ * dwarf2.c (decode_line_info): Fail on lh.line_range of zero ++ rather than dividing by zero. ++ ++ + 2017-09-25 Alan Modra <amodra@gmail.com> + + PR 22200 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch new file mode 100644 index 0000000000..2ef3f53737 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15225.patch @@ -0,0 +1,48 @@ +From b55ec8b676ed05d93ee49d6c79ae0403616c4fb0 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Mon, 9 Oct 2017 13:21:44 +1030 +Subject: [PATCH] PR22212, memory leak in nm + + PR 22212 + * dwarf2.c (_bfd_dwarf2_cleanup_debug_info): Free + funcinfo_hash_table and varinfo_hash_table. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-15225 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/dwarf2.c | 4 ++++ + 2 files changed, 10 insertions(+) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -4932,6 +4932,10 @@ _bfd_dwarf2_cleanup_debug_info (bfd *abf + } + } + ++ if (stash->funcinfo_hash_table) ++ bfd_hash_table_free (&stash->funcinfo_hash_table->base); ++ if (stash->varinfo_hash_table) ++ bfd_hash_table_free (&stash->varinfo_hash_table->base); + if (stash->dwarf_abbrev_buffer) + free (stash->dwarf_abbrev_buffer); + if (stash->dwarf_line_buffer) +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,9 @@ ++2017-10-09 Alan Modra <amodra@gmail.com> ++ ++ PR 22212 ++ * dwarf2.c (_bfd_dwarf2_cleanup_debug_info): Free ++ funcinfo_hash_table and varinfo_hash_table. ++ + 2017-09-24 Alan Modra <amodra@gmail.com> + + PR 22186 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15939.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15939.patch new file mode 100644 index 0000000000..bccad763f4 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15939.patch @@ -0,0 +1,113 @@ +From a54018b72d75abf2e74bf36016702da06399c1d9 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Tue, 26 Sep 2017 09:38:26 +0930 +Subject: [PATCH] PR22205, .debug_line file table NULL filename + +The PR22200 fuzzer testcase found one way to put NULLs into .debug_line +file tables. PR22205 finds another. This patch gives up on trying to +prevent NULL files in the file table and instead just copes with them. +Arguably, this is better than giving up and showing no info from +.debug_line. I've also fixed a case where the fairly recent DWARF5 +support in handling broken DWARG could result in uninitialized memory +reads, and made a small tidy. + + PR 22205 + * dwarf2.c (concat_filename): Return "<unknown>" on NULL filename. + (read_formatted_entries): Init "fe". + (decode_line_info <DW_LNE_define_file>): Use line_info_add_file_name. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-15939 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 7 +++++++ + bfd/dwarf2.c | 35 +++++++++++++---------------------- + 2 files changed, 20 insertions(+), 22 deletions(-) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -1597,6 +1597,8 @@ concat_filename (struct line_info_table + } + + filename = table->files[file - 1].name; ++ if (filename == NULL) ++ return strdup ("<unknown>"); + + if (!IS_ABSOLUTE_PATH (filename)) + { +@@ -1956,6 +1958,7 @@ read_formatted_entries (struct comp_unit + bfd_byte *format = format_header_data; + struct fileinfo fe; + ++ memset (&fe, 0, sizeof fe); + for (formati = 0; formati < format_count; formati++) + { + bfd_vma content_type, form; +@@ -2256,6 +2259,7 @@ decode_line_info (struct comp_unit *unit + unsigned int discriminator = 0; + int is_stmt = lh.default_is_stmt; + int end_sequence = 0; ++ unsigned int dir, xtime, size; + /* eraxxon@alumni.rice.edu: Against the DWARF2 specs, some + compilers generate address sequences that are wildly out of + order using DW_LNE_set_address (e.g. Intel C++ 6.0 compiler +@@ -2330,31 +2334,18 @@ decode_line_info (struct comp_unit *unit + case DW_LNE_define_file: + cur_file = read_string (abfd, line_ptr, line_end, &bytes_read); + line_ptr += bytes_read; +- if ((table->num_files % FILE_ALLOC_CHUNK) == 0) +- { +- struct fileinfo *tmp; +- +- amt = table->num_files + FILE_ALLOC_CHUNK; +- amt *= sizeof (struct fileinfo); +- tmp = (struct fileinfo *) bfd_realloc (table->files, amt); +- if (tmp == NULL) +- goto line_fail; +- table->files = tmp; +- } +- table->files[table->num_files].name = cur_file; +- table->files[table->num_files].dir = +- _bfd_safe_read_leb128 (abfd, line_ptr, &bytes_read, +- FALSE, line_end); ++ dir = _bfd_safe_read_leb128 (abfd, line_ptr, &bytes_read, ++ FALSE, line_end); + line_ptr += bytes_read; +- table->files[table->num_files].time = +- _bfd_safe_read_leb128 (abfd, line_ptr, &bytes_read, +- FALSE, line_end); ++ xtime = _bfd_safe_read_leb128 (abfd, line_ptr, &bytes_read, ++ FALSE, line_end); + line_ptr += bytes_read; +- table->files[table->num_files].size = +- _bfd_safe_read_leb128 (abfd, line_ptr, &bytes_read, +- FALSE, line_end); ++ size = _bfd_safe_read_leb128 (abfd, line_ptr, &bytes_read, ++ FALSE, line_end); + line_ptr += bytes_read; +- table->num_files++; ++ if (!line_info_add_file_name (table, cur_file, dir, ++ xtime, size)) ++ goto line_fail; + break; + case DW_LNE_set_discriminator: + discriminator = +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,10 @@ ++2017-09-26 Alan Modra <amodra@gmail.com> ++ ++ PR 22205 ++ * dwarf2.c (concat_filename): Return "<unknown>" on NULL filename. ++ (read_formatted_entries): Init "fe". ++ (decode_line_info <DW_LNE_define_file>): Use line_info_add_file_name. ++ + 2017-10-09 Alan Modra <amodra@gmail.com> + + PR 22212 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15996.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15996.patch new file mode 100644 index 0000000000..dab8380e33 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15996.patch @@ -0,0 +1,84 @@ +From d91f0b20e561e326ee91a09a76206257bde8438b Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sat, 28 Oct 2017 21:31:16 +1030 +Subject: [PATCH] PR22361 readelf buffer overflow on fuzzed archive header + + PR 22361 + * readelf.c (process_archive_index_and_symbols): Ensure ar_size + field is zero terminated for strtoul. + (setup_archive, get_archive_member_name): Likewise. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-15996 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + binutils/ChangeLog | 7 +++++++ + binutils/elfcomm.c | 11 +++++++++++ + 2 files changed, 18 insertions(+) + +Index: git/binutils/elfcomm.c +=================================================================== +--- git.orig/binutils/elfcomm.c ++++ git/binutils/elfcomm.c +@@ -466,8 +466,12 @@ process_archive_index_and_symbols (struc + { + size_t got; + unsigned long size; ++ char fmag_save; + ++ fmag_save = arch->arhdr.ar_fmag[0]; ++ arch->arhdr.ar_fmag[0] = 0; + size = strtoul (arch->arhdr.ar_size, NULL, 10); ++ arch->arhdr.ar_fmag[0] = fmag_save; + /* PR 17531: file: 912bd7de. */ + if ((signed long) size < 0) + { +@@ -655,7 +659,10 @@ setup_archive (struct archive_info *arch + if (const_strneq (arch->arhdr.ar_name, "// ")) + { + /* This is the archive string table holding long member names. */ ++ char fmag_save = arch->arhdr.ar_fmag[0]; ++ arch->arhdr.ar_fmag[0] = 0; + arch->longnames_size = strtoul (arch->arhdr.ar_size, NULL, 10); ++ arch->arhdr.ar_fmag[0] = fmag_save; + /* PR 17531: file: 01068045. */ + if (arch->longnames_size < 8) + { +@@ -758,6 +765,7 @@ get_archive_member_name (struct archive_ + char *endp; + char *member_file_name; + char *member_name; ++ char fmag_save; + + if (arch->longnames == NULL || arch->longnames_size == 0) + { +@@ -766,9 +774,12 @@ get_archive_member_name (struct archive_ + } + + arch->nested_member_origin = 0; ++ fmag_save = arch->arhdr.ar_fmag[0]; ++ arch->arhdr.ar_fmag[0] = 0; + k = j = strtoul (arch->arhdr.ar_name + 1, &endp, 10); + if (arch->is_thin_archive && endp != NULL && * endp == ':') + arch->nested_member_origin = strtoul (endp + 1, NULL, 10); ++ arch->arhdr.ar_fmag[0] = fmag_save; + + if (j > arch->longnames_size) + { +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,10 @@ ++2017-10-28 Alan Modra <amodra@gmail.com> ++ ++ PR 22361 ++ * readelf.c (process_archive_index_and_symbols): Ensure ar_size ++ field is zero terminated for strtoul. ++ (setup_archive, get_archive_member_name): Likewise. ++ + 2017-09-26 Alan Modra <amodra@gmail.com> + + PR 22205 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-16826.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-16826.patch new file mode 100644 index 0000000000..bb24ba8834 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-16826.patch @@ -0,0 +1,53 @@ +From a67d66eb97e7613a38ffe6622d837303b3ecd31d Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Wed, 1 Nov 2017 15:21:46 +0000 +Subject: [PATCH] Prevent illegal memory accesses when attempting to read + excessively large COFF line number tables. + + PR 22376 + * coffcode.h (coff_slurp_line_table): Check for an excessively + large line number count. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-16826 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/coffcode.h | 8 ++++++++ + 2 files changed, 14 insertions(+) + +Index: git/bfd/coffcode.h +=================================================================== +--- git.orig/bfd/coffcode.h ++++ git/bfd/coffcode.h +@@ -4578,6 +4578,14 @@ coff_slurp_line_table (bfd *abfd, asecti + + BFD_ASSERT (asect->lineno == NULL); + ++ if (asect->lineno_count > asect->size) ++ { ++ _bfd_error_handler ++ (_("%B: warning: line number count (%#lx) exceeds section size (%#lx)"), ++ abfd, (unsigned long) asect->lineno_count, (unsigned long) asect->size); ++ return FALSE; ++ } ++ + amt = ((bfd_size_type) asect->lineno_count + 1) * sizeof (alent); + lineno_cache = (alent *) bfd_alloc (abfd, amt); + if (lineno_cache == NULL) +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,9 @@ ++2017-11-01 Nick Clifton <nickc@redhat.com> ++ ++ PR 22376 ++ * coffcode.h (coff_slurp_line_table): Check for an excessively ++ large line number count. ++ + 2017-10-28 Alan Modra <amodra@gmail.com> + + PR 22361 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-16827.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-16827.patch new file mode 100644 index 0000000000..dbc577c8e0 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-16827.patch @@ -0,0 +1,95 @@ +From 0301ce1486b1450f219202677f30d0fa97335419 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Tue, 17 Oct 2017 16:43:47 +1030 +Subject: [PATCH] PR22306, Invalid free() in slurp_symtab() + + PR 22306 + * aoutx.h (aout_get_external_symbols): Handle stringsize of zero, + and error for any other size that doesn't cover the header word. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-16827 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/aoutx.h | 45 ++++++++++++++++++++++++++++++--------------- + 2 files changed, 36 insertions(+), 15 deletions(-) + +Index: git/bfd/aoutx.h +=================================================================== +--- git.orig/bfd/aoutx.h ++++ git/bfd/aoutx.h +@@ -1352,27 +1352,42 @@ aout_get_external_symbols (bfd *abfd) + || bfd_bread ((void *) string_chars, amt, abfd) != amt) + return FALSE; + stringsize = GET_WORD (abfd, string_chars); ++ if (stringsize == 0) ++ stringsize = 1; ++ else if (stringsize < BYTES_IN_WORD ++ || (size_t) stringsize != stringsize) ++ { ++ bfd_set_error (bfd_error_bad_value); ++ return FALSE; ++ } + + #ifdef USE_MMAP +- if (! bfd_get_file_window (abfd, obj_str_filepos (abfd), stringsize, +- &obj_aout_string_window (abfd), TRUE)) +- return FALSE; +- strings = (char *) obj_aout_string_window (abfd).data; +-#else +- strings = (char *) bfd_malloc (stringsize + 1); +- if (strings == NULL) +- return FALSE; +- +- /* Skip space for the string count in the buffer for convenience +- when using indexes. */ +- amt = stringsize - BYTES_IN_WORD; +- if (bfd_bread (strings + BYTES_IN_WORD, amt, abfd) != amt) ++ if (stringsize >= BYTES_IN_WORD) + { +- free (strings); +- return FALSE; ++ if (! bfd_get_file_window (abfd, obj_str_filepos (abfd), stringsize, ++ &obj_aout_string_window (abfd), TRUE)) ++ return FALSE; ++ strings = (char *) obj_aout_string_window (abfd).data; + } ++ else + #endif ++ { ++ strings = (char *) bfd_malloc (stringsize); ++ if (strings == NULL) ++ return FALSE; + ++ if (stringsize >= BYTES_IN_WORD) ++ { ++ /* Keep the string count in the buffer for convenience ++ when indexing with e_strx. */ ++ amt = stringsize - BYTES_IN_WORD; ++ if (bfd_bread (strings + BYTES_IN_WORD, amt, abfd) != amt) ++ { ++ free (strings); ++ return FALSE; ++ } ++ } ++ } + /* Ensure that a zero index yields an empty string. */ + strings[0] = '\0'; + +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,9 @@ ++2017-10-17 Alan Modra <amodra@gmail.com> ++ ++ PR 22306 ++ * aoutx.h (aout_get_external_symbols): Handle stringsize of zero, ++ and error for any other size that doesn't cover the header word. ++ + 2017-11-01 Nick Clifton <nickc@redhat.com> + + PR 22376 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-16828_p1.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-16828_p1.patch new file mode 100644 index 0000000000..310908f86d --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-16828_p1.patch @@ -0,0 +1,79 @@ +From 9c0f3d3f2017829ffd908c9893b85094985c3b58 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Thu, 5 Oct 2017 17:32:18 +1030 +Subject: [PATCH] PR22239 - invalid memory read in display_debug_frames + +Pointer comparisons have traps for the unwary. After adding a large +unknown value to "start", the test "start < end" depends on where +"start" is originally in memory. + + PR 22239 + * dwarf.c (read_cie): Don't compare "start" and "end" pointers + after adding a possibly wild length to "start", compare the length + to the difference of the pointers instead. Remove now redundant + "negative" length test. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-16828 patch1 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + binutils/ChangeLog | 8 ++++++++ + binutils/dwarf.c | 15 ++++----------- + 2 files changed, 12 insertions(+), 11 deletions(-) + +Index: git/binutils/dwarf.c +=================================================================== +--- git.orig/binutils/dwarf.c ++++ git/binutils/dwarf.c +@@ -6652,14 +6652,14 @@ read_cie (unsigned char *start, unsigned + { + READ_ULEB (augmentation_data_len); + augmentation_data = start; +- start += augmentation_data_len; + /* PR 17512: file: 11042-2589-0.004. */ +- if (start > end) ++ if (augmentation_data_len > (size_t) (end - start)) + { + warn (_("Augmentation data too long: %#lx, expected at most %#lx\n"), +- augmentation_data_len, (long)((end - start) + augmentation_data_len)); ++ augmentation_data_len, (unsigned long) (end - start)); + return end; + } ++ start += augmentation_data_len; + } + + if (augmentation_data_len) +@@ -6672,14 +6672,7 @@ read_cie (unsigned char *start, unsigned + q = augmentation_data; + qend = q + augmentation_data_len; + +- /* PR 17531: file: 015adfaa. */ +- if (qend < q) +- { +- warn (_("Negative augmentation data length: 0x%lx"), augmentation_data_len); +- augmentation_data_len = 0; +- } +- +- while (p < end && q < augmentation_data + augmentation_data_len) ++ while (p < end && q < qend) + { + if (*p == 'L') + q++; +Index: git/binutils/ChangeLog +=================================================================== +--- git.orig/binutils/ChangeLog ++++ git/binutils/ChangeLog +@@ -1,3 +1,11 @@ ++2017-10-05 Alan Modra <amodra@gmail.com> ++ ++ PR 22239 ++ * dwarf.c (read_cie): Don't compare "start" and "end" pointers ++ after adding a possibly wild length to "start", compare the length ++ to the difference of the pointers instead. Remove now redundant ++ "negative" length test. ++ + 2017-09-27 Nick Clifton <nickc@redhat.com> + + PR 22219 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-16828_p2.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-16828_p2.patch new file mode 100644 index 0000000000..5073d31ce0 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-16828_p2.patch @@ -0,0 +1,149 @@ +From bf59c5d5f4f5b8b4da1f5f605cfa546f8029b43d Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Fri, 3 Nov 2017 13:57:15 +0000 +Subject: [PATCH] Fix integer overflow problems when reading an ELF binary with + corrupt augmentation data. + + PR 22386 + * dwarf.c (read_cie): Use bfd_size_type for + augmentation_data_len. + (display_augmentation_data): New function. + (display_debug_frames): Use it. + Check for integer overflow when testing augmentation_data_len. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-16828 patch2 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + binutils/ChangeLog | 10 +++++++++ + binutils/dwarf.c | 65 +++++++++++++++++++++++++++++++++--------------------- + 2 files changed, 50 insertions(+), 25 deletions(-) + +Index: git/binutils/dwarf.c +=================================================================== +--- git.orig/binutils/dwarf.c ++++ git/binutils/dwarf.c +@@ -6577,13 +6577,13 @@ frame_display_row (Frame_Chunk *fc, int + static unsigned char * + read_cie (unsigned char *start, unsigned char *end, + Frame_Chunk **p_cie, int *p_version, +- unsigned long *p_aug_len, unsigned char **p_aug) ++ bfd_size_type *p_aug_len, unsigned char **p_aug) + { + int version; + Frame_Chunk *fc; + unsigned int length_return; + unsigned char *augmentation_data = NULL; +- unsigned long augmentation_data_len = 0; ++ bfd_size_type augmentation_data_len = 0; + + * p_cie = NULL; + /* PR 17512: file: 001-228113-0.004. */ +@@ -6653,10 +6653,11 @@ read_cie (unsigned char *start, unsigned + READ_ULEB (augmentation_data_len); + augmentation_data = start; + /* PR 17512: file: 11042-2589-0.004. */ +- if (augmentation_data_len > (size_t) (end - start)) ++ if (augmentation_data_len > (bfd_size_type) (end - start)) + { +- warn (_("Augmentation data too long: %#lx, expected at most %#lx\n"), +- augmentation_data_len, (unsigned long) (end - start)); ++ warn (_("Augmentation data too long: 0x%s, expected at most %#lx\n"), ++ dwarf_vmatoa ("x", augmentation_data_len), ++ (unsigned long) (end - start)); + return end; + } + start += augmentation_data_len; +@@ -6701,6 +6702,31 @@ read_cie (unsigned char *start, unsigned + return start; + } + ++/* Prints out the contents on the augmentation data array. ++ If do_wide is not enabled, then formats the output to fit into 80 columns. */ ++ ++static void ++display_augmentation_data (const unsigned char * data, const bfd_size_type len) ++{ ++ bfd_size_type i; ++ ++ i = printf (_(" Augmentation data: ")); ++ ++ if (do_wide || len < ((80 - i) / 3)) ++ for (i = 0; i < len; ++i) ++ printf (" %02x", data[i]); ++ else ++ { ++ for (i = 0; i < len; ++i) ++ { ++ if (i % (80 / 3) == 0) ++ putchar ('\n'); ++ printf (" %02x", data[i]); ++ } ++ } ++ putchar ('\n'); ++} ++ + static int + display_debug_frames (struct dwarf_section *section, + void *file ATTRIBUTE_UNUSED) +@@ -6729,7 +6755,7 @@ display_debug_frames (struct dwarf_secti + Frame_Chunk *cie; + int need_col_headers = 1; + unsigned char *augmentation_data = NULL; +- unsigned long augmentation_data_len = 0; ++ bfd_size_type augmentation_data_len = 0; + unsigned int encoded_ptr_size = saved_eh_addr_size; + unsigned int offset_size; + unsigned int initial_length_size; +@@ -6823,16 +6849,8 @@ display_debug_frames (struct dwarf_secti + printf (" Return address column: %d\n", fc->ra); + + if (augmentation_data_len) +- { +- unsigned long i; ++ display_augmentation_data (augmentation_data, augmentation_data_len); + +- printf (" Augmentation data: "); +- for (i = 0; i < augmentation_data_len; ++i) +- /* FIXME: If do_wide is FALSE, then we should +- add carriage returns at 80 columns... */ +- printf (" %02x", augmentation_data[i]); +- putchar ('\n'); +- } + putchar ('\n'); + } + } +@@ -6988,11 +7006,13 @@ display_debug_frames (struct dwarf_secti + READ_ULEB (augmentation_data_len); + augmentation_data = start; + start += augmentation_data_len; +- /* PR 17512: file: 722-8446-0.004. */ +- if (start >= end || ((signed long) augmentation_data_len) < 0) ++ /* PR 17512 file: 722-8446-0.004 and PR 22386. */ ++ if (start >= end ++ || ((bfd_signed_vma) augmentation_data_len) < 0 ++ || augmentation_data > start) + { +- warn (_("Corrupt augmentation data length: %lx\n"), +- augmentation_data_len); ++ warn (_("Corrupt augmentation data length: 0x%s\n"), ++ dwarf_vmatoa ("x", augmentation_data_len)); + start = end; + augmentation_data = NULL; + augmentation_data_len = 0; +@@ -7014,12 +7034,7 @@ display_debug_frames (struct dwarf_secti + + if (! do_debug_frames_interp && augmentation_data_len) + { +- unsigned long i; +- +- printf (" Augmentation data: "); +- for (i = 0; i < augmentation_data_len; ++i) +- printf (" %02x", augmentation_data[i]); +- putchar ('\n'); ++ display_augmentation_data (augmentation_data, augmentation_data_len); + putchar ('\n'); + } + } diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-16829.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-16829.patch new file mode 100644 index 0000000000..f9410e2728 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-16829.patch @@ -0,0 +1,82 @@ +From cf54ebff3b7361989712fd9c0128a9b255578163 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Tue, 17 Oct 2017 21:57:29 +1030 +Subject: [PATCH] PR22307, Heap out of bounds read in + _bfd_elf_parse_gnu_properties + +When adding an unbounded increment to a pointer, you can't just check +against the end of the buffer but also must check that overflow +doesn't result in "negative" pointer movement. Pointer comparisons +are signed. Better, check the increment against the space left using +an unsigned comparison. + + PR 22307 + * elf-properties.c (_bfd_elf_parse_gnu_properties): Compare datasz + against size left rather than comparing pointers. Reorganise loop. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-16829 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/elf-properties.c | 18 +++++++++--------- + 2 files changed, 15 insertions(+), 9 deletions(-) + +Index: git/bfd/elf-properties.c +=================================================================== +--- git.orig/bfd/elf-properties.c ++++ git/bfd/elf-properties.c +@@ -93,15 +93,20 @@ bad_size: + return FALSE; + } + +- while (1) ++ while (ptr != ptr_end) + { +- unsigned int type = bfd_h_get_32 (abfd, ptr); +- unsigned int datasz = bfd_h_get_32 (abfd, ptr + 4); ++ unsigned int type; ++ unsigned int datasz; + elf_property *prop; + ++ if ((size_t) (ptr_end - ptr) < 8) ++ goto bad_size; ++ ++ type = bfd_h_get_32 (abfd, ptr); ++ datasz = bfd_h_get_32 (abfd, ptr + 4); + ptr += 8; + +- if ((ptr + datasz) > ptr_end) ++ if (datasz > (size_t) (ptr_end - ptr)) + { + _bfd_error_handler + (_("warning: %B: corrupt GNU_PROPERTY_TYPE (%ld) type (0x%x) datasz: 0x%x"), +@@ -182,11 +187,6 @@ bad_size: + + next: + ptr += (datasz + (align_size - 1)) & ~ (align_size - 1); +- if (ptr == ptr_end) +- break; +- +- if (ptr > (ptr_end - 8)) +- goto bad_size; + } + + return TRUE; +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,4 +1,10 @@ + 2017-10-17 Alan Modra <amodra@gmail.com> ++ ++ PR 22307 ++ * elf-properties.c (_bfd_elf_parse_gnu_properties): Compare datasz ++ against size left rather than comparing pointers. Reorganise loop. ++ ++2017-10-17 Alan Modra <amodra@gmail.com> + + PR 22306 + * aoutx.h (aout_get_external_symbols): Handle stringsize of zero, diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-16830.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-16830.patch new file mode 100644 index 0000000000..1382c8e3e7 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-16830.patch @@ -0,0 +1,91 @@ +From 6ab2c4ed51f9c4243691755e1b1d2149c6a426f4 Mon Sep 17 00:00:00 2001 +From: Mingi Cho <mgcho.minic@gmail.com> +Date: Thu, 2 Nov 2017 17:01:08 +0000 +Subject: [PATCH] Work around integer overflows when readelf is checking for + corrupt ELF notes when run on a 32-bit host. + + PR 22384 + * readelf.c (print_gnu_property_note): Improve overflow checks so + that they will work on a 32-bit host. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-16830 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + binutils/ChangeLog | 6 ++++++ + binutils/readelf.c | 33 +++++++++++++++++---------------- + 2 files changed, 23 insertions(+), 16 deletions(-) + +Index: git/binutils/readelf.c +=================================================================== +--- git.orig/binutils/readelf.c ++++ git/binutils/readelf.c +@@ -16431,15 +16431,24 @@ print_gnu_property_note (Elf_Internal_No + return; + } + +- while (1) ++ while (ptr < ptr_end) + { + unsigned int j; +- unsigned int type = byte_get (ptr, 4); +- unsigned int datasz = byte_get (ptr + 4, 4); ++ unsigned int type; ++ unsigned int datasz; ++ ++ if ((size_t) (ptr_end - ptr) < 8) ++ { ++ printf (_("<corrupt descsz: %#lx>\n"), pnote->descsz); ++ break; ++ } ++ ++ type = byte_get (ptr, 4); ++ datasz = byte_get (ptr + 4, 4); + + ptr += 8; + +- if ((ptr + datasz) > ptr_end) ++ if (datasz > (size_t) (ptr_end - ptr)) + { + printf (_("<corrupt type (%#x) datasz: %#x>\n"), + type, datasz); +@@ -16520,19 +16529,11 @@ next: + ptr += ((datasz + (size - 1)) & ~ (size - 1)); + if (ptr == ptr_end) + break; +- else +- { +- if (do_wide) +- printf (", "); +- else +- printf ("\n\t"); +- } + +- if (ptr > (ptr_end - 8)) +- { +- printf (_("<corrupt descsz: %#lx>\n"), pnote->descsz); +- break; +- } ++ if (do_wide) ++ printf (", "); ++ else ++ printf ("\n\t"); + } + + printf ("\n"); +Index: git/binutils/ChangeLog +=================================================================== +--- git.orig/binutils/ChangeLog ++++ git/binutils/ChangeLog +@@ -1,3 +1,9 @@ ++2017-11-02 Mingi Cho <mgcho.minic@gmail.com> ++ ++ PR 22384 ++ * readelf.c (print_gnu_property_note): Improve overflow checks so ++ that they will work on a 32-bit host. ++ + 2017-10-05 Alan Modra <amodra@gmail.com> + + PR 22239 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-16831.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-16831.patch new file mode 100644 index 0000000000..7acd5e0f2f --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-16831.patch @@ -0,0 +1,77 @@ +From 6cee897971d4d7cd37d2a686bb6d2aa3e759c8ca Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Fri, 3 Nov 2017 11:55:21 +0000 +Subject: [PATCH] Fix excessive memory allocation attempts and possible integer + overfloaws when attempting to read a COFF binary with a corrupt symbol count. + + PR 22385 + * coffgen.c (_bfd_coff_get_external_symbols): Check for an + overlarge raw syment count. + (coff_get_normalized_symtab): Likewise. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-16831 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 8 ++++++++ + bfd/coffgen.c | 17 +++++++++++++++-- + 2 files changed, 23 insertions(+), 2 deletions(-) + +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,11 @@ ++2017-11-03 Mingi Cho <mgcho.minic@gmail.com> ++ Nick Clifton <nickc@redhat.com> ++ ++ PR 22385 ++ * coffgen.c (_bfd_coff_get_external_symbols): Check for an ++ overlarge raw syment count. ++ (coff_get_normalized_symtab): Likewise. ++ + 2017-10-17 Alan Modra <amodra@gmail.com> + + PR 22307 +Index: git/bfd/coffgen.c +=================================================================== +--- git.orig/bfd/coffgen.c ++++ git/bfd/coffgen.c +@@ -1640,13 +1640,23 @@ _bfd_coff_get_external_symbols (bfd *abf + size = obj_raw_syment_count (abfd) * symesz; + if (size == 0) + return TRUE; ++ /* Check for integer overflow and for unreasonable symbol counts. */ ++ if (size < obj_raw_syment_count (abfd) ++ || (bfd_get_file_size (abfd) > 0 ++ && size > bfd_get_file_size (abfd))) ++ ++ { ++ _bfd_error_handler (_("%B: corrupt symbol count: %#Lx"), ++ abfd, obj_raw_syment_count (abfd)); ++ return FALSE; ++ } + + syms = bfd_malloc (size); + if (syms == NULL) + { + /* PR 21013: Provide an error message when the alloc fails. */ +- _bfd_error_handler (_("%B: Not enough memory to allocate space for %lu symbols"), +- abfd, size); ++ _bfd_error_handler (_("%B: not enough memory to allocate space for %#Lx symbols of size %#Lx"), ++ abfd, obj_raw_syment_count (abfd), symesz); + return FALSE; + } + +@@ -1790,6 +1800,9 @@ coff_get_normalized_symtab (bfd *abfd) + return NULL; + + size = obj_raw_syment_count (abfd) * sizeof (combined_entry_type); ++ /* Check for integer overflow. */ ++ if (size < obj_raw_syment_count (abfd)) ++ return NULL; + internal = (combined_entry_type *) bfd_zalloc (abfd, size); + if (internal == NULL && size != 0) + return NULL; diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-16832.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-16832.patch new file mode 100644 index 0000000000..9044bccf95 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-16832.patch @@ -0,0 +1,61 @@ +From 0bb6961f18b8e832d88b490d421ca56cea16c45b Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 31 Oct 2017 14:29:40 +0000 +Subject: [PATCH] Fix illegal memory access triggered when parsing a PE binary + with a corrupt data dictionary. + + PR 22373 + * peicode.h (pe_bfd_read_buildid): Check for invalid size and data + offset values. + +Upstrem-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-16832 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/peicode.h | 9 ++++++--- + 2 files changed, 12 insertions(+), 3 deletions(-) + +Index: git/bfd/peicode.h +=================================================================== +--- git.orig/bfd/peicode.h ++++ git/bfd/peicode.h +@@ -1303,7 +1303,6 @@ pe_bfd_read_buildid (bfd *abfd) + bfd_byte *data = 0; + bfd_size_type dataoff; + unsigned int i; +- + bfd_vma addr = extra->DataDirectory[PE_DEBUG_DATA].VirtualAddress; + bfd_size_type size = extra->DataDirectory[PE_DEBUG_DATA].Size; + +@@ -1327,8 +1326,12 @@ pe_bfd_read_buildid (bfd *abfd) + + dataoff = addr - section->vma; + +- /* PR 20605: Make sure that the data is really there. */ +- if (dataoff + size > section->size) ++ /* PR 20605 and 22373: Make sure that the data is really there. ++ Note - since we are dealing with unsigned quantities we have ++ to be careful to check for potential overflows. */ ++ if (dataoff > section->size ++ || size > section->size ++ || dataoff + size > section->size) + { + _bfd_error_handler (_("%B: Error: Debug Data ends beyond end of debug directory."), + abfd); +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,9 @@ ++2017-10-31 Nick Clifton <nickc@redhat.com> ++ ++ PR 22373 ++ * peicode.h (pe_bfd_read_buildid): Check for invalid size and data ++ offset values. ++ + 2017-11-03 Mingi Cho <mgcho.minic@gmail.com> + Nick Clifton <nickc@redhat.com> + diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-17080.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-17080.patch new file mode 100644 index 0000000000..611a276def --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-17080.patch @@ -0,0 +1,78 @@ +From 80a0437873045cc08753fcac4af154e2931a99fd Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Thu, 16 Nov 2017 14:53:32 +0000 +Subject: [PATCH] Prevent illegal memory accesses when parsing incorrecctly + formated core notes. + + PR 22421 + * elf.c (elfcore_grok_netbsd_procinfo): Check that the note is big enough. + (elfcore_grok_openbsd_procinfo): Likewise. + (elfcore_grok_nto_status): Likewise. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-17080 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 7 +++++++ + bfd/elf.c | 10 ++++++++++ + 2 files changed, 17 insertions(+) + +Index: git/bfd/elf.c +=================================================================== +--- git.orig/bfd/elf.c ++++ git/bfd/elf.c +@@ -9862,6 +9862,7 @@ elfcore_grok_freebsd_psinfo (bfd *abfd, + /* Check for version 1 in pr_version. */ + if (bfd_h_get_32 (abfd, (bfd_byte *) note->descdata) != 1) + return FALSE; ++ + offset = 4; + + /* Skip over pr_psinfosz. */ +@@ -10030,6 +10031,9 @@ elfcore_netbsd_get_lwpid (Elf_Internal_N + static bfd_boolean + elfcore_grok_netbsd_procinfo (bfd *abfd, Elf_Internal_Note *note) + { ++ if (note->descsz <= 0x7c + 31) ++ return FALSE; ++ + /* Signal number at offset 0x08. */ + elf_tdata (abfd)->core->signal + = bfd_h_get_32 (abfd, (bfd_byte *) note->descdata + 0x08); +@@ -10114,6 +10118,9 @@ elfcore_grok_netbsd_note (bfd *abfd, Elf + static bfd_boolean + elfcore_grok_openbsd_procinfo (bfd *abfd, Elf_Internal_Note *note) + { ++ if (note->descsz <= 0x48 + 31) ++ return FALSE; ++ + /* Signal number at offset 0x08. */ + elf_tdata (abfd)->core->signal + = bfd_h_get_32 (abfd, (bfd_byte *) note->descdata + 0x08); +@@ -10185,6 +10192,9 @@ elfcore_grok_nto_status (bfd *abfd, Elf_ + short sig; + unsigned flags; + ++ if (note->descsz < 16) ++ return FALSE; ++ + /* nto_procfs_status 'pid' field is at offset 0. */ + elf_tdata (abfd)->core->pid = bfd_get_32 (abfd, (bfd_byte *) ddata); + +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,10 @@ ++2017-11-16 Nick Clifton <nickc@redhat.com> ++ ++ PR 22421 ++ * elf.c (elfcore_grok_netbsd_procinfo): Check that the note is big enough. ++ (elfcore_grok_openbsd_procinfo): Likewise. ++ (elfcore_grok_nto_status): Likewise. ++ + 2017-10-31 Nick Clifton <nickc@redhat.com> + + PR 22373 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-17121.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-17121.patch new file mode 100644 index 0000000000..4b675f7b72 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-17121.patch @@ -0,0 +1,366 @@ +From b23dc97fe237a1d9e850d7cbeee066183a00630b Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 28 Nov 2017 13:20:31 +0000 +Subject: [PATCH] Fix a memory access violation when attempting to parse a + corrupt COFF binary with a relocation that points beyond the end of the + section to be relocated. + + PR 22506 + * reloc.c (reloc_offset_in_range): Rename to + bfd_reloc_offset_in_range and export. + (bfd_perform_relocation): Rename function invocation. + (bfd_install_relocation): Likewise. + (bfd_final_link_relocate): Likewise. + * bfd-in2.h: Regenerate. + * coff-arm.c (coff_arm_reloc): Use bfd_reloc_offset_in_range. + * coff-i386.c (coff_i386_reloc): Likewise. + * coff-i860.c (coff_i860_reloc): Likewise. + * coff-m68k.c (mk68kcoff_common_addend_special_fn): Likewise. + * coff-m88k.c (m88k_special_reloc): Likewise. + * coff-mips.c (mips_reflo_reloc): Likewise. + * coff-x86_64.c (coff_amd64_reloc): Likewise. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-17121 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 17 +++++++++++++++ + bfd/bfd-in2.h | 6 +++++ + bfd/coff-arm.c | 65 ++++++++++++++++++++++++++++++------------------------- + bfd/coff-i386.c | 5 +++++ + bfd/coff-i860.c | 5 +++++ + bfd/coff-m68k.c | 5 +++++ + bfd/coff-m88k.c | 9 +++++++- + bfd/coff-mips.c | 6 +++++ + bfd/coff-x86_64.c | 16 +++++--------- + bfd/reloc.c | 40 +++++++++++++++++++++++++++++----- + 10 files changed, 126 insertions(+), 48 deletions(-) + +Index: git/bfd/bfd-in2.h +=================================================================== +--- git.orig/bfd/bfd-in2.h ++++ git/bfd/bfd-in2.h +@@ -2661,6 +2661,12 @@ bfd_reloc_status_type bfd_check_overflow + unsigned int addrsize, + bfd_vma relocation); + ++bfd_boolean bfd_reloc_offset_in_range ++ (reloc_howto_type *howto, ++ bfd *abfd, ++ asection *section, ++ bfd_size_type offset); ++ + bfd_reloc_status_type bfd_perform_relocation + (bfd *abfd, + arelent *reloc_entry, +Index: git/bfd/coff-arm.c +=================================================================== +--- git.orig/bfd/coff-arm.c ++++ git/bfd/coff-arm.c +@@ -109,41 +109,46 @@ coff_arm_reloc (bfd *abfd, + x = ((x & ~howto->dst_mask) \ + | (((x & howto->src_mask) + diff) & howto->dst_mask)) + +- if (diff != 0) +- { +- reloc_howto_type *howto = reloc_entry->howto; +- unsigned char *addr = (unsigned char *) data + reloc_entry->address; ++ if (diff != 0) ++ { ++ reloc_howto_type *howto = reloc_entry->howto; ++ unsigned char *addr = (unsigned char *) data + reloc_entry->address; ++ ++ if (! bfd_reloc_offset_in_range (howto, abfd, input_section, ++ reloc_entry->address ++ * bfd_octets_per_byte (abfd))) ++ return bfd_reloc_outofrange; ++ ++ switch (howto->size) ++ { ++ case 0: ++ { ++ char x = bfd_get_8 (abfd, addr); ++ DOIT (x); ++ bfd_put_8 (abfd, x, addr); ++ } ++ break; + +- switch (howto->size) ++ case 1: + { +- case 0: +- { +- char x = bfd_get_8 (abfd, addr); +- DOIT (x); +- bfd_put_8 (abfd, x, addr); +- } +- break; +- +- case 1: +- { +- short x = bfd_get_16 (abfd, addr); +- DOIT (x); +- bfd_put_16 (abfd, (bfd_vma) x, addr); +- } +- break; +- +- case 2: +- { +- long x = bfd_get_32 (abfd, addr); +- DOIT (x); +- bfd_put_32 (abfd, (bfd_vma) x, addr); +- } +- break; ++ short x = bfd_get_16 (abfd, addr); ++ DOIT (x); ++ bfd_put_16 (abfd, (bfd_vma) x, addr); ++ } ++ break; + +- default: +- abort (); ++ case 2: ++ { ++ long x = bfd_get_32 (abfd, addr); ++ DOIT (x); ++ bfd_put_32 (abfd, (bfd_vma) x, addr); + } +- } ++ break; ++ ++ default: ++ abort (); ++ } ++ } + + /* Now let bfd_perform_relocation finish everything up. */ + return bfd_reloc_continue; +Index: git/bfd/coff-i386.c +=================================================================== +--- git.orig/bfd/coff-i386.c ++++ git/bfd/coff-i386.c +@@ -144,6 +144,11 @@ coff_i386_reloc (bfd *abfd, + reloc_howto_type *howto = reloc_entry->howto; + unsigned char *addr = (unsigned char *) data + reloc_entry->address; + ++ if (! bfd_reloc_offset_in_range (howto, abfd, input_section, ++ reloc_entry->address ++ * bfd_octets_per_byte (abfd))) ++ return bfd_reloc_outofrange; ++ + switch (howto->size) + { + case 0: +Index: git/bfd/coff-i860.c +=================================================================== +--- git.orig/bfd/coff-i860.c ++++ git/bfd/coff-i860.c +@@ -95,6 +95,11 @@ coff_i860_reloc (bfd *abfd, + reloc_howto_type *howto = reloc_entry->howto; + unsigned char *addr = (unsigned char *) data + reloc_entry->address; + ++ if (! bfd_reloc_offset_in_range (howto, abfd, input_section, ++ reloc_entry->address ++ * bfd_octets_per_byte (abfd))) ++ return bfd_reloc_outofrange; ++ + switch (howto->size) + { + case 0: +Index: git/bfd/coff-m68k.c +=================================================================== +--- git.orig/bfd/coff-m68k.c ++++ git/bfd/coff-m68k.c +@@ -305,6 +305,11 @@ m68kcoff_common_addend_special_fn (bfd * + reloc_howto_type *howto = reloc_entry->howto; + unsigned char *addr = (unsigned char *) data + reloc_entry->address; + ++ if (! bfd_reloc_offset_in_range (howto, abfd, input_section, ++ reloc_entry->address ++ * bfd_octets_per_byte (abfd))) ++ return bfd_reloc_outofrange; ++ + switch (howto->size) + { + case 0: +Index: git/bfd/coff-m88k.c +=================================================================== +--- git.orig/bfd/coff-m88k.c ++++ git/bfd/coff-m88k.c +@@ -72,10 +72,17 @@ m88k_special_reloc (bfd *abfd, + { + bfd_vma output_base = 0; + bfd_vma addr = reloc_entry->address; +- bfd_vma x = bfd_get_16 (abfd, (bfd_byte *) data + addr); ++ bfd_vma x; + asection *reloc_target_output_section; + long relocation = 0; + ++ if (! bfd_reloc_offset_in_range (howto, abfd, input_section, ++ reloc_entry->address ++ * bfd_octets_per_byte (abfd))) ++ return bfd_reloc_outofrange; ++ ++ x = bfd_get_16 (abfd, (bfd_byte *) data + addr); ++ + /* Work out which section the relocation is targeted at and the + initial relocation command value. */ + +Index: git/bfd/coff-mips.c +=================================================================== +--- git.orig/bfd/coff-mips.c ++++ git/bfd/coff-mips.c +@@ -504,6 +504,12 @@ mips_reflo_reloc (bfd *abfd ATTRIBUTE_UN + unsigned long vallo; + struct mips_hi *next; + ++ if (! bfd_reloc_offset_in_range (reloc_entry->howto, abfd, ++ input_section, ++ reloc_entry->address ++ * bfd_octets_per_byte (abfd))) ++ return bfd_reloc_outofrange; ++ + /* Do the REFHI relocation. Note that we actually don't + need to know anything about the REFLO itself, except + where to find the low 16 bits of the addend needed by the +Index: git/bfd/coff-x86_64.c +=================================================================== +--- git.orig/bfd/coff-x86_64.c ++++ git/bfd/coff-x86_64.c +@@ -143,16 +143,10 @@ coff_amd64_reloc (bfd *abfd, + reloc_howto_type *howto = reloc_entry->howto; + unsigned char *addr = (unsigned char *) data + reloc_entry->address; + +- /* FIXME: We do not have an end address for data, so we cannot +- accurately range check any addresses computed against it. +- cf: PR binutils/17512: file: 1085-1761-0.004. +- For now we do the best that we can. */ +- if (addr < (unsigned char *) data +- || addr > ((unsigned char *) data) + input_section->size) +- { +- bfd_set_error (bfd_error_bad_value); +- return bfd_reloc_notsupported; +- } ++ if (! bfd_reloc_offset_in_range (howto, abfd, input_section, ++ reloc_entry->address ++ * bfd_octets_per_byte (abfd))) ++ return bfd_reloc_outofrange; + + switch (howto->size) + { +Index: git/bfd/reloc.c +=================================================================== +--- git.orig/bfd/reloc.c ++++ git/bfd/reloc.c +@@ -538,12 +538,31 @@ bfd_check_overflow (enum complain_overfl + return flag; + } + ++/* ++FUNCTION ++ bfd_reloc_offset_in_range ++ ++SYNOPSIS ++ bfd_boolean bfd_reloc_offset_in_range ++ (reloc_howto_type *howto, ++ bfd *abfd, ++ asection *section, ++ bfd_size_type offset); ++ ++DESCRIPTION ++ Returns TRUE if the reloc described by @var{HOWTO} can be ++ applied at @var{OFFSET} octets in @var{SECTION}. ++ ++*/ ++ + /* HOWTO describes a relocation, at offset OCTET. Return whether the + relocation field is within SECTION of ABFD. */ + +-static bfd_boolean +-reloc_offset_in_range (reloc_howto_type *howto, bfd *abfd, +- asection *section, bfd_size_type octet) ++bfd_boolean ++bfd_reloc_offset_in_range (reloc_howto_type *howto, ++ bfd *abfd, ++ asection *section, ++ bfd_size_type octet) + { + bfd_size_type octet_end = bfd_get_section_limit_octets (abfd, section); + bfd_size_type reloc_size = bfd_get_reloc_size (howto); +@@ -617,6 +636,11 @@ bfd_perform_relocation (bfd *abfd, + if (howto && howto->special_function) + { + bfd_reloc_status_type cont; ++ ++ /* Note - we do not call bfd_reloc_offset_in_range here as the ++ reloc_entry->address field might actually be valid for the ++ backend concerned. It is up to the special_function itself ++ to call bfd_reloc_offset_in_range if needed. */ + cont = howto->special_function (abfd, reloc_entry, symbol, data, + input_section, output_bfd, + error_message); +@@ -637,7 +661,7 @@ bfd_perform_relocation (bfd *abfd, + + /* Is the address of the relocation really within the section? */ + octets = reloc_entry->address * bfd_octets_per_byte (abfd); +- if (!reloc_offset_in_range (howto, abfd, input_section, octets)) ++ if (!bfd_reloc_offset_in_range (howto, abfd, input_section, octets)) + return bfd_reloc_outofrange; + + /* Work out which section the relocation is targeted at and the +@@ -1003,6 +1027,10 @@ bfd_install_relocation (bfd *abfd, + { + bfd_reloc_status_type cont; + ++ /* Note - we do not call bfd_reloc_offset_in_range here as the ++ reloc_entry->address field might actually be valid for the ++ backend concerned. It is up to the special_function itself ++ to call bfd_reloc_offset_in_range if needed. */ + /* XXX - The special_function calls haven't been fixed up to deal + with creating new relocations and section contents. */ + cont = howto->special_function (abfd, reloc_entry, symbol, +@@ -1025,7 +1053,7 @@ bfd_install_relocation (bfd *abfd, + + /* Is the address of the relocation really within the section? */ + octets = reloc_entry->address * bfd_octets_per_byte (abfd); +- if (!reloc_offset_in_range (howto, abfd, input_section, octets)) ++ if (!bfd_reloc_offset_in_range (howto, abfd, input_section, octets)) + return bfd_reloc_outofrange; + + /* Work out which section the relocation is targeted at and the +@@ -1363,7 +1391,7 @@ _bfd_final_link_relocate (reloc_howto_ty + bfd_size_type octets = address * bfd_octets_per_byte (input_bfd); + + /* Sanity check the address. */ +- if (!reloc_offset_in_range (howto, input_bfd, input_section, octets)) ++ if (!bfd_reloc_offset_in_range (howto, input_bfd, input_section, octets)) + return bfd_reloc_outofrange; + + /* This function assumes that we are dealing with a basic relocation +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,20 @@ ++2017-11-28 Nick Clifton <nickc@redhat.com> ++ ++ PR 22506 ++ * reloc.c (reloc_offset_in_range): Rename to ++ bfd_reloc_offset_in_range and export. ++ (bfd_perform_relocation): Rename function invocation. ++ (bfd_install_relocation): Likewise. ++ (bfd_final_link_relocate): Likewise. ++ * bfd-in2.h: Regenerate. ++ * coff-arm.c (coff_arm_reloc): Use bfd_reloc_offset_in_range. ++ * coff-i386.c (coff_i386_reloc): Likewise. ++ * coff-i860.c (coff_i860_reloc): Likewise. ++ * coff-m68k.c (mk68kcoff_common_addend_special_fn): Likewise. ++ * coff-m88k.c (m88k_special_reloc): Likewise. ++ * coff-mips.c (mips_reflo_reloc): Likewise. ++ * coff-x86_64.c (coff_amd64_reloc): Likewise. ++ + 2017-11-16 Nick Clifton <nickc@redhat.com> + + PR 22421 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-17122.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-17122.patch new file mode 100644 index 0000000000..5ae749bcca --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-17122.patch @@ -0,0 +1,58 @@ +From d785b7d4b877ed465d04072e17ca19d0f47d840f Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Wed, 29 Nov 2017 12:40:43 +0000 +Subject: [PATCH] Stop objdump from attempting to allocate a huge chunk of + memory when parsing relocs in a corrupt file. + + PR 22508 + * objdump.c (dump_relocs_in_section): Also check the section's + relocation count to make sure that it is reasonable before + attempting to allocate space for the relocs. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-17122 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + binutils/ChangeLog | 7 +++++++ + binutils/objdump.c | 11 ++++++++++- + 2 files changed, 17 insertions(+), 1 deletion(-) + +Index: git/binutils/objdump.c +=================================================================== +--- git.orig/binutils/objdump.c ++++ git/binutils/objdump.c +@@ -3381,7 +3381,16 @@ dump_relocs_in_section (bfd *abfd, + } + + if ((bfd_get_file_flags (abfd) & (BFD_IN_MEMORY | BFD_LINKER_CREATED)) == 0 +- && (ufile_ptr) relsize > bfd_get_file_size (abfd)) ++ && (((ufile_ptr) relsize > bfd_get_file_size (abfd)) ++ /* Also check the section's reloc count since if this is negative ++ (or very large) the computation in bfd_get_reloc_upper_bound ++ may have resulted in returning a small, positive integer. ++ See PR 22508 for a reproducer. ++ ++ Note - we check against file size rather than section size as ++ it is possible for there to be more relocs that apply to a ++ section than there are bytes in that section. */ ++ || (section->reloc_count > bfd_get_file_size (abfd)))) + { + printf (" (too many: 0x%x)\n", section->reloc_count); + bfd_set_error (bfd_error_file_truncated); +Index: git/binutils/ChangeLog +=================================================================== +--- git.orig/binutils/ChangeLog ++++ git/binutils/ChangeLog +@@ -1,3 +1,10 @@ ++2017-11-29 Nick Clifton <nickc@redhat.com> ++ ++ PR 22508 ++ * objdump.c (dump_relocs_in_section): Also check the section's ++ relocation count to make sure that it is reasonable before ++ attempting to allocate space for the relocs. ++ + 2017-11-02 Mingi Cho <mgcho.minic@gmail.com> + + PR 22384 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-17123.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-17123.patch new file mode 100644 index 0000000000..08412108da --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-17123.patch @@ -0,0 +1,33 @@ +From 4581a1c7d304ce14e714b27522ebf3d0188d6543 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Wed, 29 Nov 2017 17:12:12 +0000 +Subject: [PATCH] Check for a NULL symbol pointer when reading relocs from a + COFF based file. + + PR 22509 + * coffcode.h (coff_slurp_reloc_table): Check for a NULL symbol + pointer when processing relocs. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-17123 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/coffcode.h | 2 +- + 2 files changed, 7 insertions(+), 1 deletion(-) + +Index: git/bfd/coffcode.h +=================================================================== +--- git.orig/bfd/coffcode.h ++++ git/bfd/coffcode.h +@@ -5326,7 +5326,7 @@ coff_slurp_reloc_table (bfd * abfd, sec_ + #else + cache_ptr->address = dst.r_vaddr; + +- if (dst.r_symndx != -1) ++ if (dst.r_symndx != -1 && symbols != NULL) + { + if (dst.r_symndx < 0 || dst.r_symndx >= obj_conv_table_size (abfd)) + { diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-17124.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-17124.patch new file mode 100644 index 0000000000..16f0768d95 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-17124.patch @@ -0,0 +1,47 @@ +From b0029dce6867de1a2828293177b0e030d2f0f03c Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 28 Nov 2017 18:00:29 +0000 +Subject: [PATCH] Prevent a memory exhaustion problem when trying to read in + strings from a COFF binary with a corrupt string table size. + + PR 22507 + * coffgen.c (_bfd_coff_read_string_table): Check for an excessive + size of the external string table. + +Upstream-Status: Backport +Affects binutls <= 2.29.1 +CVE: CVE-2017-17124 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/coffgen.c | 4 ++-- + 2 files changed, 8 insertions(+), 2 deletions(-) + +Index: git/bfd/coffgen.c +=================================================================== +--- git.orig/bfd/coffgen.c ++++ git/bfd/coffgen.c +@@ -1709,7 +1709,7 @@ _bfd_coff_read_string_table (bfd *abfd) + #endif + } + +- if (strsize < STRING_SIZE_SIZE) ++ if (strsize < STRING_SIZE_SIZE || strsize > bfd_get_file_size (abfd)) + { + _bfd_error_handler + /* xgettext: c-format */ +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,9 @@ ++2017-11-28 Nick Clifton <nickc@redhat.com> ++ ++ PR 22507 ++ * coffgen.c (_bfd_coff_read_string_table): Check for an excessive ++ size of the external string table. ++ + 2018-03-28 Eric Botcazou <ebotcazou@adacore.com> + + PR ld/22972 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-17125.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-17125.patch new file mode 100644 index 0000000000..30dc6d5727 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-17125.patch @@ -0,0 +1,129 @@ +From 160b1a618ad94988410dc81fce9189fcda5b7ff4 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sat, 18 Nov 2017 23:18:22 +1030 +Subject: [PATCH] PR22443, Global buffer overflow in + _bfd_elf_get_symbol_version_string + +Symbols like *ABS* defined in bfd/section.c:global_syms are not +elf_symbol_type. They can appear on relocs and perhaps other places +in an ELF bfd, so a number of places in nm.c and objdump.c are wrong +to cast an asymbol based on the bfd being ELF. I think we lose +nothing by excluding all section symbols, not just the global_syms. + + PR 22443 + * nm.c (sort_symbols_by_size): Don't attempt to access + section symbol internal_elf_sym. + (print_symbol): Likewise. Don't call bfd_get_symbol_version_string + for section symbols. + * objdump.c (compare_symbols): Don't attempt to access + section symbol internal_elf_sym. + (objdump_print_symname): Don't call bfd_get_symbol_version_string + for section symbols. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-17125 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + binutils/ChangeLog | 12 ++++++++++++ + binutils/nm.c | 17 ++++++++++------- + binutils/objdump.c | 6 +++--- + 3 files changed, 25 insertions(+), 10 deletions(-) + +Index: git/binutils/nm.c +=================================================================== +--- git.orig/binutils/nm.c ++++ git/binutils/nm.c +@@ -765,7 +765,6 @@ sort_symbols_by_size (bfd *abfd, bfd_boo + asection *sec; + bfd_vma sz; + asymbol *temp; +- int synthetic = (sym->flags & BSF_SYNTHETIC); + + if (from + size < fromend) + { +@@ -782,10 +781,13 @@ sort_symbols_by_size (bfd *abfd, bfd_boo + sec = bfd_get_section (sym); + + /* Synthetic symbols don't have a full type set of data available, thus +- we can't rely on that information for the symbol size. */ +- if (!synthetic && bfd_get_flavour (abfd) == bfd_target_elf_flavour) ++ we can't rely on that information for the symbol size. Ditto for ++ bfd/section.c:global_syms like *ABS*. */ ++ if ((sym->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0 ++ && bfd_get_flavour (abfd) == bfd_target_elf_flavour) + sz = ((elf_symbol_type *) sym)->internal_elf_sym.st_size; +- else if (!synthetic && bfd_is_com_section (sec)) ++ else if ((sym->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0 ++ && bfd_is_com_section (sec)) + sz = sym->value; + else + { +@@ -874,8 +876,9 @@ print_symbol (bfd * abfd, + + info.sinfo = &syminfo; + info.ssize = ssize; +- /* Synthetic symbols do not have a full symbol type set of data available. */ +- if ((sym->flags & BSF_SYNTHETIC) != 0) ++ /* Synthetic symbols do not have a full symbol type set of data available. ++ Nor do bfd/section.c:global_syms like *ABS*. */ ++ if ((sym->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) != 0) + { + info.elfinfo = NULL; + info.coffinfo = NULL; +@@ -893,7 +896,7 @@ print_symbol (bfd * abfd, + const char * version_string = NULL; + bfd_boolean hidden = FALSE; + +- if ((sym->flags & BSF_SYNTHETIC) == 0) ++ if ((sym->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0) + version_string = bfd_get_symbol_version_string (abfd, sym, &hidden); + + if (bfd_is_und_section (bfd_get_section (sym))) +Index: git/binutils/objdump.c +=================================================================== +--- git.orig/binutils/objdump.c ++++ git/binutils/objdump.c +@@ -799,10 +799,10 @@ compare_symbols (const void *ap, const v + bfd_vma asz, bsz; + + asz = 0; +- if ((a->flags & BSF_SYNTHETIC) == 0) ++ if ((a->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0) + asz = ((elf_symbol_type *) a)->internal_elf_sym.st_size; + bsz = 0; +- if ((b->flags & BSF_SYNTHETIC) == 0) ++ if ((b->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0) + bsz = ((elf_symbol_type *) b)->internal_elf_sym.st_size; + if (asz != bsz) + return asz > bsz ? -1 : 1; +@@ -888,7 +888,7 @@ objdump_print_symname (bfd *abfd, struct + name = alloc; + } + +- if ((sym->flags & BSF_SYNTHETIC) == 0) ++ if ((sym->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0) + version_string = bfd_get_symbol_version_string (abfd, sym, &hidden); + + if (bfd_is_und_section (bfd_get_section (sym))) +Index: git/binutils/ChangeLog +=================================================================== +--- git.orig/binutils/ChangeLog ++++ git/binutils/ChangeLog +@@ -1,3 +1,15 @@ ++2017-11-18 Alan Modra <amodra@gmail.com> ++ ++ PR 22443 ++ * nm.c (sort_symbols_by_size): Don't attempt to access ++ section symbol internal_elf_sym. ++ (print_symbol): Likewise. Don't call bfd_get_symbol_version_string ++ for section symbols. ++ * objdump.c (compare_symbols): Don't attempt to access ++ section symbol internal_elf_sym. ++ (objdump_print_symname): Don't call bfd_get_symbol_version_string ++ for section symbols. ++ + 2017-11-29 Nick Clifton <nickc@redhat.com> + + PR 22508 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-10372.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-10372.patch new file mode 100644 index 0000000000..caaaf2317e --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-10372.patch @@ -0,0 +1,58 @@ +From 6aea08d9f3e3d6475a65454da488a0c51f5dc97d Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 17 Apr 2018 12:35:55 +0100 +Subject: [PATCH] Fix illegal memory access when parsing corrupt DWARF + information. + + PR 23064 + * dwarf.c (process_cu_tu_index): Test for a potential buffer + overrun before copying signature pointer. + +Upstream-Status: Backport +Affects: <= 2.30 +CVE: CVE-2018-10372 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + binutils/ChangeLog | 6 ++++++ + binutils/dwarf.c | 13 ++++++++++++- + 2 files changed, 18 insertions(+), 1 deletion(-) + +Index: git/binutils/dwarf.c +=================================================================== +--- git.orig/binutils/dwarf.c ++++ git/binutils/dwarf.c +@@ -8526,7 +8526,18 @@ process_cu_tu_index (struct dwarf_sectio + } + + if (!do_display) +- memcpy (&this_set[row - 1].signature, ph, sizeof (uint64_t)); ++ { ++ size_t num_copy = sizeof (uint64_t); ++ ++ /* PR 23064: Beware of buffer overflow. */ ++ if (ph + num_copy < limit) ++ memcpy (&this_set[row - 1].signature, ph, num_copy); ++ else ++ { ++ warn (_("Signature (%p) extends beyond end of space in section\n"), ph); ++ return 0; ++ } ++ } + + prow = poffsets + (row - 1) * ncols * 4; + /* PR 17531: file: b8ce60a8. */ +Index: git/binutils/ChangeLog +=================================================================== +--- git.orig/binutils/ChangeLog ++++ git/binutils/ChangeLog +@@ -1,3 +1,9 @@ ++2018-04-17 Nick Clifton <nickc@redhat.com> ++ ++ PR 23064 ++ * dwarf.c (process_cu_tu_index): Test for a potential buffer ++ overrun before copying signature pointer. ++ + 2017-11-18 Alan Modra <amodra@gmail.com> + + PR 22443 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-10373.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-10373.patch new file mode 100644 index 0000000000..963d767f84 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-10373.patch @@ -0,0 +1,45 @@ +From 6327533b1fd29fa86f6bf34e61c332c010e3c689 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 17 Apr 2018 14:30:07 +0100 +Subject: [PATCH] Add a check for a NULL table pointer before attempting to + compute a DWARF filename. + + PR 23065 + * dwarf2.c (concat_filename): Check for a NULL table pointer. + +Upstream-Status: Backport +Affects: <= 2.30 +CVE: CVE-2018-10373 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 5 +++++ + bfd/dwarf2.c | 2 +- + 2 files changed, 6 insertions(+), 1 deletion(-) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -1587,7 +1587,7 @@ concat_filename (struct line_info_table + { + char *filename; + +- if (file - 1 >= table->num_files) ++ if (table == NULL || file - 1 >= table->num_files) + { + /* FILE == 0 means unknown. */ + if (file) +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,8 @@ ++2018-04-17 Nick Clifton <nickc@redhat.com> ++ ++ PR 23065 ++ * dwarf2.c (concat_filename): Check for a NULL table pointer. ++ + 2017-11-28 Nick Clifton <nickc@redhat.com> + + PR 22506 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-10534.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-10534.patch new file mode 100644 index 0000000000..27e86285a2 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-10534.patch @@ -0,0 +1,2443 @@ +From aa4a8c2a2a67545e90c877162c53cc9de42dc8b4 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 24 Apr 2018 16:31:27 +0100 +Subject: [PATCH] Fix an illegal memory access when copying a PE format file + with corrupt debug information. + + PR 23110 + * peXXigen.c (_bfd_XX_bfd_copy_private_bfd_data_common): Check for + a negative PE_DEBUG_DATA size before iterating over the debug data. + +Upstream-Status: Backport +Affects: <= 2.30 +CVE: CVE-2018-10534 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 + + bfd/peXXigen.c | 9 + + bfd/po/bfd.pot | 5631 ++++++++++++++++++++++++++------------------------------ + 3 files changed, 2662 insertions(+), 2984 deletions(-) + +Index: git/bfd/peXXigen.c +=================================================================== +--- git.orig/bfd/peXXigen.c ++++ git/bfd/peXXigen.c +@@ -2991,6 +2991,15 @@ _bfd_XX_bfd_copy_private_bfd_data_common + bfd_get_section_size (section) - (addr - section->vma)); + return FALSE; + } ++ /* PR 23110. */ ++ else if (ope->pe_opthdr.DataDirectory[PE_DEBUG_DATA].Size < 0) ++ { ++ /* xgettext:c-format */ ++ _bfd_error_handler ++ (_("%pB: Data Directory size (%#lx) is negative"), ++ obfd, ope->pe_opthdr.DataDirectory[PE_DEBUG_DATA].Size); ++ return FALSE; ++ } + + for (i = 0; i < ope->pe_opthdr.DataDirectory[PE_DEBUG_DATA].Size + / sizeof (struct external_IMAGE_DEBUG_DIRECTORY); i++) +Index: git/bfd/po/bfd.pot +=================================================================== +--- git.orig/bfd/po/bfd.pot ++++ git/bfd/po/bfd.pot +@@ -6119,1961 +6119,1932 @@ msgstr "" + #. Rotate. + #. Redefine symbol to current location. + #. Define a literal. +-#: vms-alpha.c:2115 vms-alpha.c:2146 vms-alpha.c:2237 vms-alpha.c:2395 ++#: vms-alpha.c:2116 vms-alpha.c:2147 vms-alpha.c:2238 vms-alpha.c:2396 + #, c-format + msgid "%s: not supported" + msgstr "" + +-#: vms-alpha.c:2121 ++#: vms-alpha.c:2122 + #, c-format + msgid "%s: not implemented" + msgstr "" + +-#: vms-alpha.c:2379 ++#: vms-alpha.c:2380 + #, c-format + msgid "invalid use of %s with contexts" + msgstr "" + +-#: vms-alpha.c:2413 ++#: vms-alpha.c:2414 + #, c-format + msgid "reserved cmd %d" + msgstr "" + +-#: vms-alpha.c:2497 +-msgid "Corrupt EEOM record - size is too small" ++#: vms-alpha.c:2498 ++msgid "corrupt EEOM record - size is too small" + msgstr "" + +-#: vms-alpha.c:2506 +-msgid "Object module NOT error-free !\n" ++#: vms-alpha.c:2507 ++msgid "object module not error-free !" + msgstr "" + +-#: vms-alpha.c:3830 ++#: vms-alpha.c:3831 + #, c-format +-msgid "SEC_RELOC with no relocs in section %A" ++msgid "SEC_RELOC with no relocs in section %pA" + msgstr "" + +-#: vms-alpha.c:3882 vms-alpha.c:4095 ++#: vms-alpha.c:3883 vms-alpha.c:4096 + #, c-format +-msgid "Size error in section %A" ++msgid "size error in section %pA" + msgstr "" + +-#: vms-alpha.c:4041 +-msgid "Spurious ALPHA_R_BSR reloc" ++#: vms-alpha.c:4042 ++msgid "spurious ALPHA_R_BSR reloc" + msgstr "" + +-#: vms-alpha.c:4082 ++#: vms-alpha.c:4083 + #, c-format +-msgid "Unhandled relocation %s" ++msgid "unhandled relocation %s" + msgstr "" + +-#: vms-alpha.c:4375 ++#: vms-alpha.c:4376 + #, c-format + msgid "unknown source command %d" + msgstr "" + +-#: vms-alpha.c:4436 +-msgid "DST__K_SET_LINUM_INCR not implemented" +-msgstr "" +- +-#: vms-alpha.c:4442 +-msgid "DST__K_SET_LINUM_INCR_W not implemented" +-msgstr "" +- +-#: vms-alpha.c:4448 +-msgid "DST__K_RESET_LINUM_INCR not implemented" +-msgstr "" +- +-#: vms-alpha.c:4454 +-msgid "DST__K_BEG_STMT_MODE not implemented" +-msgstr "" +- +-#: vms-alpha.c:4460 +-msgid "DST__K_END_STMT_MODE not implemented" +-msgstr "" +- +-#: vms-alpha.c:4487 +-msgid "DST__K_SET_PC not implemented" +-msgstr "" +- +-#: vms-alpha.c:4493 +-msgid "DST__K_SET_PC_W not implemented" +-msgstr "" +- +-#: vms-alpha.c:4499 +-msgid "DST__K_SET_PC_L not implemented" +-msgstr "" +- +-#: vms-alpha.c:4505 +-msgid "DST__K_SET_STMTNUM not implemented" ++#: vms-alpha.c:4437 vms-alpha.c:4443 vms-alpha.c:4449 vms-alpha.c:4455 ++#: vms-alpha.c:4461 vms-alpha.c:4488 vms-alpha.c:4494 vms-alpha.c:4500 ++#: vms-alpha.c:4506 ++#, c-format ++msgid "%s not implemented" + msgstr "" + +-#: vms-alpha.c:4548 ++#: vms-alpha.c:4549 + #, c-format + msgid "unknown line command %d" + msgstr "" + +-#: vms-alpha.c:5008 vms-alpha.c:5026 vms-alpha.c:5041 vms-alpha.c:5057 +-#: vms-alpha.c:5070 vms-alpha.c:5082 vms-alpha.c:5095 ++#: vms-alpha.c:5009 vms-alpha.c:5027 vms-alpha.c:5042 vms-alpha.c:5058 ++#: vms-alpha.c:5071 vms-alpha.c:5083 vms-alpha.c:5096 + #, c-format +-msgid "Unknown reloc %s + %s" ++msgid "unknown reloc %s + %s" + msgstr "" + +-#: vms-alpha.c:5150 ++#: vms-alpha.c:5151 + #, c-format +-msgid "Unknown reloc %s" ++msgid "unknown reloc %s" + msgstr "" + +-#: vms-alpha.c:5163 +-msgid "Invalid section index in ETIR" ++#: vms-alpha.c:5164 ++msgid "invalid section index in ETIR" + msgstr "" + +-#: vms-alpha.c:5172 +-msgid "Relocation for non-REL psect" ++#: vms-alpha.c:5173 ++msgid "relocation for non-REL psect" + msgstr "" + +-#: vms-alpha.c:5219 ++#: vms-alpha.c:5220 + #, c-format +-msgid "Unknown symbol in command %s" ++msgid "unknown symbol in command %s" + msgstr "" + +-#: vms-alpha.c:5629 ++#: vms-alpha.c:5630 + #, c-format + msgid "reloc (%d) is *UNKNOWN*" + msgstr "" + +-#: vms-alpha.c:5745 ++#: vms-alpha.c:5746 + #, c-format + msgid " EMH %u (len=%u): " + msgstr "" + +-#: vms-alpha.c:5750 ++#: vms-alpha.c:5751 + #, c-format + msgid " Error: The length is less than the length of an EMH record\n" + msgstr "" + +-#: vms-alpha.c:5767 ++#: vms-alpha.c:5768 + #, c-format + msgid "" + " Error: The record length is less than the size of an EMH_MHD record\n" + msgstr "" + +-#: vms-alpha.c:5770 ++#: vms-alpha.c:5771 + #, c-format + msgid "Module header\n" + msgstr "" + +-#: vms-alpha.c:5771 ++#: vms-alpha.c:5772 + #, c-format + msgid " structure level: %u\n" + msgstr "" + +-#: vms-alpha.c:5772 ++#: vms-alpha.c:5773 + #, c-format + msgid " max record size: %u\n" + msgstr "" + +-#: vms-alpha.c:5778 ++#: vms-alpha.c:5779 + #, c-format + msgid " Error: The module name is missing\n" + msgstr "" + +-#: vms-alpha.c:5784 ++#: vms-alpha.c:5785 + #, c-format + msgid " Error: The module name is too long\n" + msgstr "" + +-#: vms-alpha.c:5787 ++#: vms-alpha.c:5788 + #, c-format + msgid " module name : %.*s\n" + msgstr "" + +-#: vms-alpha.c:5791 ++#: vms-alpha.c:5792 + #, c-format + msgid " Error: The module version is missing\n" + msgstr "" + +-#: vms-alpha.c:5797 ++#: vms-alpha.c:5798 + #, c-format + msgid " Error: The module version is too long\n" + msgstr "" + +-#: vms-alpha.c:5800 ++#: vms-alpha.c:5801 + #, c-format + msgid " module version : %.*s\n" + msgstr "" + +-#: vms-alpha.c:5803 ++#: vms-alpha.c:5804 + #, c-format + msgid " Error: The compile date is truncated\n" + msgstr "" + +-#: vms-alpha.c:5805 ++#: vms-alpha.c:5806 + #, c-format + msgid " compile date : %.17s\n" + msgstr "" + +-#: vms-alpha.c:5810 ++#: vms-alpha.c:5811 + #, c-format + msgid "Language Processor Name\n" + msgstr "" + +-#: vms-alpha.c:5811 ++#: vms-alpha.c:5812 + #, c-format + msgid " language name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:5815 ++#: vms-alpha.c:5816 + #, c-format + msgid "Source Files Header\n" + msgstr "" + +-#: vms-alpha.c:5816 ++#: vms-alpha.c:5817 + #, c-format + msgid " file: %.*s\n" + msgstr "" + +-#: vms-alpha.c:5820 ++#: vms-alpha.c:5821 + #, c-format + msgid "Title Text Header\n" + msgstr "" + +-#: vms-alpha.c:5821 ++#: vms-alpha.c:5822 + #, c-format + msgid " title: %.*s\n" + msgstr "" + +-#: vms-alpha.c:5825 ++#: vms-alpha.c:5826 + #, c-format + msgid "Copyright Header\n" + msgstr "" + +-#: vms-alpha.c:5826 ++#: vms-alpha.c:5827 + #, c-format + msgid " copyright: %.*s\n" + msgstr "" + +-#: vms-alpha.c:5830 ++#: vms-alpha.c:5831 + #, c-format + msgid "unhandled emh subtype %u\n" + msgstr "" + +-#: vms-alpha.c:5840 ++#: vms-alpha.c:5841 + #, c-format + msgid " EEOM (len=%u):\n" + msgstr "" + +-#: vms-alpha.c:5845 ++#: vms-alpha.c:5846 + #, c-format + msgid " Error: The length is less than the length of an EEOM record\n" + msgstr "" + +-#: vms-alpha.c:5849 ++#: vms-alpha.c:5850 + #, c-format + msgid " number of cond linkage pairs: %u\n" + msgstr "" + +-#: vms-alpha.c:5851 ++#: vms-alpha.c:5852 + #, c-format + msgid " completion code: %u\n" + msgstr "" + +-#: vms-alpha.c:5855 ++#: vms-alpha.c:5856 + #, c-format + msgid " transfer addr flags: 0x%02x\n" + msgstr "" + +-#: vms-alpha.c:5856 ++#: vms-alpha.c:5857 + #, c-format + msgid " transfer addr psect: %u\n" + msgstr "" + +-#: vms-alpha.c:5858 ++#: vms-alpha.c:5859 + #, c-format + msgid " transfer address : 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:5867 ++#: vms-alpha.c:5868 + msgid " WEAK" + msgstr "" + +-#: vms-alpha.c:5869 ++#: vms-alpha.c:5870 + msgid " DEF" + msgstr "" + +-#: vms-alpha.c:5871 ++#: vms-alpha.c:5872 + msgid " UNI" + msgstr "" + +-#: vms-alpha.c:5873 vms-alpha.c:5894 ++#: vms-alpha.c:5874 vms-alpha.c:5895 + msgid " REL" + msgstr "" + +-#: vms-alpha.c:5875 ++#: vms-alpha.c:5876 + msgid " COMM" + msgstr "" + +-#: vms-alpha.c:5877 ++#: vms-alpha.c:5878 + msgid " VECEP" + msgstr "" + +-#: vms-alpha.c:5879 ++#: vms-alpha.c:5880 + msgid " NORM" + msgstr "" + +-#: vms-alpha.c:5881 ++#: vms-alpha.c:5882 + msgid " QVAL" + msgstr "" + +-#: vms-alpha.c:5888 ++#: vms-alpha.c:5889 + msgid " PIC" + msgstr "" + +-#: vms-alpha.c:5890 ++#: vms-alpha.c:5891 + msgid " LIB" + msgstr "" + +-#: vms-alpha.c:5892 ++#: vms-alpha.c:5893 + msgid " OVR" + msgstr "" + +-#: vms-alpha.c:5896 ++#: vms-alpha.c:5897 + msgid " GBL" + msgstr "" + +-#: vms-alpha.c:5898 ++#: vms-alpha.c:5899 + msgid " SHR" + msgstr "" + +-#: vms-alpha.c:5900 ++#: vms-alpha.c:5901 + msgid " EXE" + msgstr "" + +-#: vms-alpha.c:5902 ++#: vms-alpha.c:5903 + msgid " RD" + msgstr "" + +-#: vms-alpha.c:5904 ++#: vms-alpha.c:5905 + msgid " WRT" + msgstr "" + +-#: vms-alpha.c:5906 ++#: vms-alpha.c:5907 + msgid " VEC" + msgstr "" + +-#: vms-alpha.c:5908 ++#: vms-alpha.c:5909 + msgid " NOMOD" + msgstr "" + +-#: vms-alpha.c:5910 ++#: vms-alpha.c:5911 + msgid " COM" + msgstr "" + +-#: vms-alpha.c:5912 ++#: vms-alpha.c:5913 + msgid " 64B" + msgstr "" + +-#: vms-alpha.c:5921 ++#: vms-alpha.c:5922 + #, c-format + msgid " EGSD (len=%u):\n" + msgstr "" + +-#: vms-alpha.c:5934 ++#: vms-alpha.c:5935 + #, c-format + msgid " EGSD entry %2u (type: %u, len: %u): " + msgstr "" + +-#: vms-alpha.c:5940 vms-alpha.c:6191 ++#: vms-alpha.c:5941 vms-alpha.c:6192 + #, c-format + msgid " Error: length larger than remaining space in record\n" + msgstr "" + +-#: vms-alpha.c:5952 ++#: vms-alpha.c:5953 + #, c-format + msgid "PSC - Program section definition\n" + msgstr "" + +-#: vms-alpha.c:5953 vms-alpha.c:5970 ++#: vms-alpha.c:5954 vms-alpha.c:5971 + #, c-format + msgid " alignment : 2**%u\n" + msgstr "" + +-#: vms-alpha.c:5954 vms-alpha.c:5971 ++#: vms-alpha.c:5955 vms-alpha.c:5972 + #, c-format + msgid " flags : 0x%04x" + msgstr "" + +-#: vms-alpha.c:5958 ++#: vms-alpha.c:5959 + #, c-format + msgid " alloc (len): %u (0x%08x)\n" + msgstr "" + +-#: vms-alpha.c:5959 vms-alpha.c:6016 vms-alpha.c:6065 ++#: vms-alpha.c:5960 vms-alpha.c:6017 vms-alpha.c:6066 + #, c-format + msgid " name : %.*s\n" + msgstr "" + +-#: vms-alpha.c:5969 ++#: vms-alpha.c:5970 + #, c-format + msgid "SPSC - Shared Image Program section def\n" + msgstr "" + +-#: vms-alpha.c:5975 ++#: vms-alpha.c:5976 + #, c-format + msgid " alloc (len) : %u (0x%08x)\n" + msgstr "" + +-#: vms-alpha.c:5976 ++#: vms-alpha.c:5977 + #, c-format + msgid " image offset : 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:5978 ++#: vms-alpha.c:5979 + #, c-format + msgid " symvec offset : 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:5980 ++#: vms-alpha.c:5981 + #, c-format + msgid " name : %.*s\n" + msgstr "" + +-#: vms-alpha.c:5993 ++#: vms-alpha.c:5994 + #, c-format + msgid "SYM - Global symbol definition\n" + msgstr "" + +-#: vms-alpha.c:5994 vms-alpha.c:6054 vms-alpha.c:6075 vms-alpha.c:6094 ++#: vms-alpha.c:5995 vms-alpha.c:6055 vms-alpha.c:6076 vms-alpha.c:6095 + #, c-format + msgid " flags: 0x%04x" + msgstr "" + +-#: vms-alpha.c:5997 ++#: vms-alpha.c:5998 + #, c-format + msgid " psect offset: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6001 ++#: vms-alpha.c:6002 + #, c-format + msgid " code address: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6003 ++#: vms-alpha.c:6004 + #, c-format + msgid " psect index for entry point : %u\n" + msgstr "" + +-#: vms-alpha.c:6006 vms-alpha.c:6082 vms-alpha.c:6101 ++#: vms-alpha.c:6007 vms-alpha.c:6083 vms-alpha.c:6102 + #, c-format + msgid " psect index : %u\n" + msgstr "" + +-#: vms-alpha.c:6008 vms-alpha.c:6084 vms-alpha.c:6103 ++#: vms-alpha.c:6009 vms-alpha.c:6085 vms-alpha.c:6104 + #, c-format + msgid " name : %.*s\n" + msgstr "" + +-#: vms-alpha.c:6015 ++#: vms-alpha.c:6016 + #, c-format + msgid "SYM - Global symbol reference\n" + msgstr "" + +-#: vms-alpha.c:6027 ++#: vms-alpha.c:6028 + #, c-format + msgid "IDC - Ident Consistency check\n" + msgstr "" + +-#: vms-alpha.c:6028 ++#: vms-alpha.c:6029 + #, c-format + msgid " flags : 0x%08x" + msgstr "" + +-#: vms-alpha.c:6032 ++#: vms-alpha.c:6033 + #, c-format + msgid " id match : %x\n" + msgstr "" + +-#: vms-alpha.c:6034 ++#: vms-alpha.c:6035 + #, c-format + msgid " error severity: %x\n" + msgstr "" + +-#: vms-alpha.c:6037 ++#: vms-alpha.c:6038 + #, c-format + msgid " entity name : %.*s\n" + msgstr "" + +-#: vms-alpha.c:6039 ++#: vms-alpha.c:6040 + #, c-format + msgid " object name : %.*s\n" + msgstr "" + +-#: vms-alpha.c:6042 ++#: vms-alpha.c:6043 + #, c-format + msgid " binary ident : 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6045 ++#: vms-alpha.c:6046 + #, c-format + msgid " ascii ident : %.*s\n" + msgstr "" + +-#: vms-alpha.c:6053 ++#: vms-alpha.c:6054 + #, c-format + msgid "SYMG - Universal symbol definition\n" + msgstr "" + +-#: vms-alpha.c:6057 ++#: vms-alpha.c:6058 + #, c-format + msgid " symbol vector offset: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6059 ++#: vms-alpha.c:6060 + #, c-format + msgid " entry point: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6061 ++#: vms-alpha.c:6062 + #, c-format + msgid " proc descr : 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6063 ++#: vms-alpha.c:6064 + #, c-format + msgid " psect index: %u\n" + msgstr "" + +-#: vms-alpha.c:6074 ++#: vms-alpha.c:6075 + #, c-format + msgid "SYMV - Vectored symbol definition\n" + msgstr "" + +-#: vms-alpha.c:6078 ++#: vms-alpha.c:6079 + #, c-format + msgid " vector : 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6080 vms-alpha.c:6099 ++#: vms-alpha.c:6081 vms-alpha.c:6100 + #, c-format + msgid " psect offset: %u\n" + msgstr "" + +-#: vms-alpha.c:6093 ++#: vms-alpha.c:6094 + #, c-format + msgid "SYMM - Global symbol definition with version\n" + msgstr "" + +-#: vms-alpha.c:6097 ++#: vms-alpha.c:6098 + #, c-format + msgid " version mask: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6108 ++#: vms-alpha.c:6109 + #, c-format + msgid "unhandled egsd entry type %u\n" + msgstr "" + +-#: vms-alpha.c:6143 ++#: vms-alpha.c:6144 + #, c-format + msgid " linkage index: %u, replacement insn: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6147 ++#: vms-alpha.c:6148 + #, c-format + msgid " psect idx 1: %u, offset 1: 0x%08x %08x\n" + msgstr "" + +-#: vms-alpha.c:6152 ++#: vms-alpha.c:6153 + #, c-format + msgid " psect idx 2: %u, offset 2: 0x%08x %08x\n" + msgstr "" + +-#: vms-alpha.c:6158 ++#: vms-alpha.c:6159 + #, c-format + msgid " psect idx 3: %u, offset 3: 0x%08x %08x\n" + msgstr "" + +-#: vms-alpha.c:6163 ++#: vms-alpha.c:6164 + #, c-format + msgid " global name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:6174 ++#: vms-alpha.c:6175 + #, c-format + msgid " %s (len=%u+%u):\n" + msgstr "" + +-#: vms-alpha.c:6196 ++#: vms-alpha.c:6197 + #, c-format + msgid " (type: %3u, size: 4+%3u): " + msgstr "" + +-#: vms-alpha.c:6200 ++#: vms-alpha.c:6201 + #, c-format + msgid "STA_GBL (stack global) %.*s\n" + msgstr "" + +-#: vms-alpha.c:6204 ++#: vms-alpha.c:6205 + #, c-format + msgid "STA_LW (stack longword) 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6208 ++#: vms-alpha.c:6209 + #, c-format + msgid "STA_QW (stack quadword) 0x%08x %08x\n" + msgstr "" + +-#: vms-alpha.c:6213 ++#: vms-alpha.c:6214 + #, c-format + msgid "STA_PQ (stack psect base + offset)\n" + msgstr "" + +-#: vms-alpha.c:6215 ++#: vms-alpha.c:6216 + #, c-format + msgid " psect: %u, offset: 0x%08x %08x\n" + msgstr "" + +-#: vms-alpha.c:6221 ++#: vms-alpha.c:6222 + #, c-format + msgid "STA_LI (stack literal)\n" + msgstr "" + +-#: vms-alpha.c:6224 ++#: vms-alpha.c:6225 + #, c-format + msgid "STA_MOD (stack module)\n" + msgstr "" + +-#: vms-alpha.c:6227 ++#: vms-alpha.c:6228 + #, c-format + msgid "STA_CKARG (compare procedure argument)\n" + msgstr "" + +-#: vms-alpha.c:6231 ++#: vms-alpha.c:6232 + #, c-format + msgid "STO_B (store byte)\n" + msgstr "" + +-#: vms-alpha.c:6234 ++#: vms-alpha.c:6235 + #, c-format + msgid "STO_W (store word)\n" + msgstr "" + +-#: vms-alpha.c:6237 ++#: vms-alpha.c:6238 + #, c-format + msgid "STO_LW (store longword)\n" + msgstr "" + +-#: vms-alpha.c:6240 ++#: vms-alpha.c:6241 + #, c-format + msgid "STO_QW (store quadword)\n" + msgstr "" + +-#: vms-alpha.c:6246 ++#: vms-alpha.c:6247 + #, c-format + msgid "STO_IMMR (store immediate repeat) %u bytes\n" + msgstr "" + +-#: vms-alpha.c:6253 ++#: vms-alpha.c:6254 + #, c-format + msgid "STO_GBL (store global) %.*s\n" + msgstr "" + +-#: vms-alpha.c:6257 ++#: vms-alpha.c:6258 + #, c-format + msgid "STO_CA (store code address) %.*s\n" + msgstr "" + +-#: vms-alpha.c:6261 ++#: vms-alpha.c:6262 + #, c-format + msgid "STO_RB (store relative branch)\n" + msgstr "" + +-#: vms-alpha.c:6264 ++#: vms-alpha.c:6265 + #, c-format + msgid "STO_AB (store absolute branch)\n" + msgstr "" + +-#: vms-alpha.c:6267 ++#: vms-alpha.c:6268 + #, c-format + msgid "STO_OFF (store offset to psect)\n" + msgstr "" + +-#: vms-alpha.c:6273 ++#: vms-alpha.c:6274 + #, c-format + msgid "STO_IMM (store immediate) %u bytes\n" + msgstr "" + +-#: vms-alpha.c:6280 ++#: vms-alpha.c:6281 + #, c-format + msgid "STO_GBL_LW (store global longword) %.*s\n" + msgstr "" + +-#: vms-alpha.c:6284 ++#: vms-alpha.c:6285 + #, c-format + msgid "STO_OFF (store LP with procedure signature)\n" + msgstr "" + +-#: vms-alpha.c:6287 ++#: vms-alpha.c:6288 + #, c-format + msgid "STO_BR_GBL (store branch global) *todo*\n" + msgstr "" + +-#: vms-alpha.c:6290 ++#: vms-alpha.c:6291 + #, c-format + msgid "STO_BR_PS (store branch psect + offset) *todo*\n" + msgstr "" + +-#: vms-alpha.c:6294 ++#: vms-alpha.c:6295 + #, c-format + msgid "OPR_NOP (no-operation)\n" + msgstr "" + +-#: vms-alpha.c:6297 ++#: vms-alpha.c:6298 + #, c-format + msgid "OPR_ADD (add)\n" + msgstr "" + +-#: vms-alpha.c:6300 ++#: vms-alpha.c:6301 + #, c-format + msgid "OPR_SUB (subtract)\n" + msgstr "" + +-#: vms-alpha.c:6303 ++#: vms-alpha.c:6304 + #, c-format + msgid "OPR_MUL (multiply)\n" + msgstr "" + +-#: vms-alpha.c:6306 ++#: vms-alpha.c:6307 + #, c-format + msgid "OPR_DIV (divide)\n" + msgstr "" + +-#: vms-alpha.c:6309 ++#: vms-alpha.c:6310 + #, c-format + msgid "OPR_AND (logical and)\n" + msgstr "" + +-#: vms-alpha.c:6312 ++#: vms-alpha.c:6313 + #, c-format + msgid "OPR_IOR (logical inclusive or)\n" + msgstr "" + +-#: vms-alpha.c:6315 ++#: vms-alpha.c:6316 + #, c-format + msgid "OPR_EOR (logical exclusive or)\n" + msgstr "" + +-#: vms-alpha.c:6318 ++#: vms-alpha.c:6319 + #, c-format + msgid "OPR_NEG (negate)\n" + msgstr "" + +-#: vms-alpha.c:6321 ++#: vms-alpha.c:6322 + #, c-format + msgid "OPR_COM (complement)\n" + msgstr "" + +-#: vms-alpha.c:6324 ++#: vms-alpha.c:6325 + #, c-format + msgid "OPR_INSV (insert field)\n" + msgstr "" + +-#: vms-alpha.c:6327 ++#: vms-alpha.c:6328 + #, c-format + msgid "OPR_ASH (arithmetic shift)\n" + msgstr "" + +-#: vms-alpha.c:6330 ++#: vms-alpha.c:6331 + #, c-format + msgid "OPR_USH (unsigned shift)\n" + msgstr "" + +-#: vms-alpha.c:6333 ++#: vms-alpha.c:6334 + #, c-format + msgid "OPR_ROT (rotate)\n" + msgstr "" + +-#: vms-alpha.c:6336 ++#: vms-alpha.c:6337 + #, c-format + msgid "OPR_SEL (select)\n" + msgstr "" + +-#: vms-alpha.c:6339 ++#: vms-alpha.c:6340 + #, c-format + msgid "OPR_REDEF (redefine symbol to curr location)\n" + msgstr "" + +-#: vms-alpha.c:6342 ++#: vms-alpha.c:6343 + #, c-format + msgid "OPR_REDEF (define a literal)\n" + msgstr "" + +-#: vms-alpha.c:6346 ++#: vms-alpha.c:6347 + #, c-format + msgid "STC_LP (store cond linkage pair)\n" + msgstr "" + +-#: vms-alpha.c:6350 ++#: vms-alpha.c:6351 + #, c-format + msgid "STC_LP_PSB (store cond linkage pair + signature)\n" + msgstr "" + +-#: vms-alpha.c:6352 ++#: vms-alpha.c:6353 + #, c-format + msgid " linkage index: %u, procedure: %.*s\n" + msgstr "" + +-#: vms-alpha.c:6355 ++#: vms-alpha.c:6356 + #, c-format + msgid " signature: %.*s\n" + msgstr "" + +-#: vms-alpha.c:6358 ++#: vms-alpha.c:6359 + #, c-format + msgid "STC_GBL (store cond global)\n" + msgstr "" + +-#: vms-alpha.c:6360 ++#: vms-alpha.c:6361 + #, c-format + msgid " linkage index: %u, global: %.*s\n" + msgstr "" + +-#: vms-alpha.c:6364 ++#: vms-alpha.c:6365 + #, c-format + msgid "STC_GCA (store cond code address)\n" + msgstr "" + +-#: vms-alpha.c:6366 ++#: vms-alpha.c:6367 + #, c-format + msgid " linkage index: %u, procedure name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:6370 ++#: vms-alpha.c:6371 + #, c-format + msgid "STC_PS (store cond psect + offset)\n" + msgstr "" + +-#: vms-alpha.c:6373 ++#: vms-alpha.c:6374 + #, c-format + msgid " linkage index: %u, psect: %u, offset: 0x%08x %08x\n" + msgstr "" + +-#: vms-alpha.c:6380 ++#: vms-alpha.c:6381 + #, c-format + msgid "STC_NOP_GBL (store cond NOP at global addr)\n" + msgstr "" + +-#: vms-alpha.c:6384 ++#: vms-alpha.c:6385 + #, c-format + msgid "STC_NOP_PS (store cond NOP at psect + offset)\n" + msgstr "" + +-#: vms-alpha.c:6388 ++#: vms-alpha.c:6389 + #, c-format + msgid "STC_BSR_GBL (store cond BSR at global addr)\n" + msgstr "" + +-#: vms-alpha.c:6392 ++#: vms-alpha.c:6393 + #, c-format + msgid "STC_BSR_PS (store cond BSR at psect + offset)\n" + msgstr "" + +-#: vms-alpha.c:6396 ++#: vms-alpha.c:6397 + #, c-format + msgid "STC_LDA_GBL (store cond LDA at global addr)\n" + msgstr "" + +-#: vms-alpha.c:6400 ++#: vms-alpha.c:6401 + #, c-format + msgid "STC_LDA_PS (store cond LDA at psect + offset)\n" + msgstr "" + +-#: vms-alpha.c:6404 ++#: vms-alpha.c:6405 + #, c-format + msgid "STC_BOH_GBL (store cond BOH at global addr)\n" + msgstr "" + +-#: vms-alpha.c:6408 ++#: vms-alpha.c:6409 + #, c-format + msgid "STC_BOH_PS (store cond BOH at psect + offset)\n" + msgstr "" + +-#: vms-alpha.c:6413 ++#: vms-alpha.c:6414 + #, c-format + msgid "STC_NBH_GBL (store cond or hint at global addr)\n" + msgstr "" + +-#: vms-alpha.c:6417 ++#: vms-alpha.c:6418 + #, c-format + msgid "STC_NBH_PS (store cond or hint at psect + offset)\n" + msgstr "" + +-#: vms-alpha.c:6421 ++#: vms-alpha.c:6422 + #, c-format + msgid "CTL_SETRB (set relocation base)\n" + msgstr "" + +-#: vms-alpha.c:6427 ++#: vms-alpha.c:6428 + #, c-format + msgid "CTL_AUGRB (augment relocation base) %u\n" + msgstr "" + +-#: vms-alpha.c:6431 ++#: vms-alpha.c:6432 + #, c-format + msgid "CTL_DFLOC (define location)\n" + msgstr "" + +-#: vms-alpha.c:6434 ++#: vms-alpha.c:6435 + #, c-format + msgid "CTL_STLOC (set location)\n" + msgstr "" + +-#: vms-alpha.c:6437 ++#: vms-alpha.c:6438 + #, c-format + msgid "CTL_STKDL (stack defined location)\n" + msgstr "" + +-#: vms-alpha.c:6440 vms-alpha.c:6864 vms-alpha.c:6990 ++#: vms-alpha.c:6441 vms-alpha.c:6865 vms-alpha.c:6991 + #, c-format + msgid "*unhandled*\n" + msgstr "" + +-#: vms-alpha.c:6470 vms-alpha.c:6509 ++#: vms-alpha.c:6471 vms-alpha.c:6510 + #, c-format + msgid "cannot read GST record length\n" + msgstr "" + + #. Ill-formed. +-#: vms-alpha.c:6491 ++#: vms-alpha.c:6492 + #, c-format + msgid "cannot find EMH in first GST record\n" + msgstr "" + +-#: vms-alpha.c:6517 ++#: vms-alpha.c:6518 + #, c-format + msgid "cannot read GST record header\n" + msgstr "" + +-#: vms-alpha.c:6530 ++#: vms-alpha.c:6531 + #, c-format + msgid " corrupted GST\n" + msgstr "" + +-#: vms-alpha.c:6538 ++#: vms-alpha.c:6539 + #, c-format + msgid "cannot read GST record\n" + msgstr "" + +-#: vms-alpha.c:6567 ++#: vms-alpha.c:6568 + #, c-format + msgid " unhandled EOBJ record type %u\n" + msgstr "" + +-#: vms-alpha.c:6591 ++#: vms-alpha.c:6592 + #, c-format + msgid " bitcount: %u, base addr: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6605 ++#: vms-alpha.c:6606 + #, c-format + msgid " bitmap: 0x%08x (count: %u):\n" + msgstr "" + +-#: vms-alpha.c:6612 ++#: vms-alpha.c:6613 + #, c-format + msgid " %08x" + msgstr "" + +-#: vms-alpha.c:6638 ++#: vms-alpha.c:6639 + #, c-format + msgid " image %u (%u entries)\n" + msgstr "" + +-#: vms-alpha.c:6644 ++#: vms-alpha.c:6645 + #, c-format + msgid " offset: 0x%08x, val: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6666 ++#: vms-alpha.c:6667 + #, c-format + msgid " image %u (%u entries), offsets:\n" + msgstr "" + +-#: vms-alpha.c:6673 ++#: vms-alpha.c:6674 + #, c-format + msgid " 0x%08x" + msgstr "" + + #. 64 bits. +-#: vms-alpha.c:6795 ++#: vms-alpha.c:6796 + #, c-format + msgid "64 bits *unhandled*\n" + msgstr "" + +-#: vms-alpha.c:6800 ++#: vms-alpha.c:6801 + #, c-format + msgid "class: %u, dtype: %u, length: %u, pointer: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6811 ++#: vms-alpha.c:6812 + #, c-format + msgid "non-contiguous array of %s\n" + msgstr "" + +-#: vms-alpha.c:6816 ++#: vms-alpha.c:6817 + #, c-format + msgid "dimct: %u, aflags: 0x%02x, digits: %u, scale: %u\n" + msgstr "" + +-#: vms-alpha.c:6821 ++#: vms-alpha.c:6822 + #, c-format + msgid "arsize: %u, a0: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6825 ++#: vms-alpha.c:6826 + #, c-format + msgid "Strides:\n" + msgstr "" + +-#: vms-alpha.c:6835 ++#: vms-alpha.c:6836 + #, c-format + msgid "Bounds:\n" + msgstr "" + +-#: vms-alpha.c:6841 ++#: vms-alpha.c:6842 + #, c-format + msgid "[%u]: Lower: %u, upper: %u\n" + msgstr "" + +-#: vms-alpha.c:6853 ++#: vms-alpha.c:6854 + #, c-format + msgid "unaligned bit-string of %s\n" + msgstr "" + +-#: vms-alpha.c:6858 ++#: vms-alpha.c:6859 + #, c-format + msgid "base: %u, pos: %u\n" + msgstr "" + +-#: vms-alpha.c:6879 ++#: vms-alpha.c:6880 + #, c-format + msgid "vflags: 0x%02x, value: 0x%08x " + msgstr "" + +-#: vms-alpha.c:6885 ++#: vms-alpha.c:6886 + #, c-format + msgid "(no value)\n" + msgstr "" + +-#: vms-alpha.c:6888 ++#: vms-alpha.c:6889 + #, c-format + msgid "(not active)\n" + msgstr "" + +-#: vms-alpha.c:6891 ++#: vms-alpha.c:6892 + #, c-format + msgid "(not allocated)\n" + msgstr "" + +-#: vms-alpha.c:6894 ++#: vms-alpha.c:6895 + #, c-format + msgid "(descriptor)\n" + msgstr "" + +-#: vms-alpha.c:6898 ++#: vms-alpha.c:6899 + #, c-format + msgid "(trailing value)\n" + msgstr "" + +-#: vms-alpha.c:6901 ++#: vms-alpha.c:6902 + #, c-format + msgid "(value spec follows)\n" + msgstr "" + +-#: vms-alpha.c:6904 ++#: vms-alpha.c:6905 + #, c-format + msgid "(at bit offset %u)\n" + msgstr "" + +-#: vms-alpha.c:6908 ++#: vms-alpha.c:6909 + #, c-format + msgid "(reg: %u, disp: %u, indir: %u, kind: " + msgstr "" + +-#: vms-alpha.c:6915 ++#: vms-alpha.c:6916 + msgid "literal" + msgstr "" + +-#: vms-alpha.c:6918 ++#: vms-alpha.c:6919 + msgid "address" + msgstr "" + +-#: vms-alpha.c:6921 ++#: vms-alpha.c:6922 + msgid "desc" + msgstr "" + +-#: vms-alpha.c:6924 ++#: vms-alpha.c:6925 + msgid "reg" + msgstr "" + +-#: vms-alpha.c:6941 ++#: vms-alpha.c:6942 + #, c-format + msgid "len: %2u, kind: %2u " + msgstr "" + +-#: vms-alpha.c:6947 ++#: vms-alpha.c:6948 + #, c-format + msgid "atomic, type=0x%02x %s\n" + msgstr "" + +-#: vms-alpha.c:6951 ++#: vms-alpha.c:6952 + #, c-format + msgid "indirect, defined at 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:6955 ++#: vms-alpha.c:6956 + #, c-format + msgid "typed pointer\n" + msgstr "" + +-#: vms-alpha.c:6959 ++#: vms-alpha.c:6960 + #, c-format + msgid "pointer\n" + msgstr "" + +-#: vms-alpha.c:6967 ++#: vms-alpha.c:6968 + #, c-format + msgid "array, dim: %u, bitmap: " + msgstr "" + +-#: vms-alpha.c:6974 ++#: vms-alpha.c:6975 + #, c-format + msgid "array descriptor:\n" + msgstr "" + +-#: vms-alpha.c:6981 ++#: vms-alpha.c:6982 + #, c-format + msgid "type spec for element:\n" + msgstr "" + +-#: vms-alpha.c:6983 ++#: vms-alpha.c:6984 + #, c-format + msgid "type spec for subscript %u:\n" + msgstr "" + +-#: vms-alpha.c:7001 ++#: vms-alpha.c:7002 + #, c-format + msgid "Debug symbol table:\n" + msgstr "" + +-#: vms-alpha.c:7012 ++#: vms-alpha.c:7013 + #, c-format + msgid "cannot read DST header\n" + msgstr "" + +-#: vms-alpha.c:7018 ++#: vms-alpha.c:7019 + #, c-format + msgid " type: %3u, len: %3u (at 0x%08x): " + msgstr "" + +-#: vms-alpha.c:7032 ++#: vms-alpha.c:7033 + #, c-format + msgid "cannot read DST symbol\n" + msgstr "" + +-#: vms-alpha.c:7075 ++#: vms-alpha.c:7076 + #, c-format + msgid "standard data: %s\n" + msgstr "" + +-#: vms-alpha.c:7078 vms-alpha.c:7166 ++#: vms-alpha.c:7079 vms-alpha.c:7167 + #, c-format + msgid " name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:7085 ++#: vms-alpha.c:7086 + #, c-format + msgid "modbeg\n" + msgstr "" + +-#: vms-alpha.c:7087 ++#: vms-alpha.c:7088 + #, c-format + msgid " flags: %d, language: %u, major: %u, minor: %u\n" + msgstr "" + +-#: vms-alpha.c:7093 vms-alpha.c:7367 ++#: vms-alpha.c:7094 vms-alpha.c:7368 + #, c-format + msgid " module name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:7096 ++#: vms-alpha.c:7097 + #, c-format + msgid " compiler : %.*s\n" + msgstr "" + +-#: vms-alpha.c:7101 ++#: vms-alpha.c:7102 + #, c-format + msgid "modend\n" + msgstr "" + +-#: vms-alpha.c:7108 ++#: vms-alpha.c:7109 + msgid "rtnbeg\n" + msgstr "" + +-#: vms-alpha.c:7110 ++#: vms-alpha.c:7111 + #, c-format + msgid " flags: %u, address: 0x%08x, pd-address: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7115 ++#: vms-alpha.c:7116 + #, c-format + msgid " routine name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:7123 ++#: vms-alpha.c:7124 + #, c-format + msgid "rtnend: size 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7131 ++#: vms-alpha.c:7132 + #, c-format + msgid "prolog: bkpt address 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7140 ++#: vms-alpha.c:7141 + #, c-format + msgid "epilog: flags: %u, count: %u\n" + msgstr "" + +-#: vms-alpha.c:7150 ++#: vms-alpha.c:7151 + #, c-format + msgid "blkbeg: address: 0x%08x, name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:7159 ++#: vms-alpha.c:7160 + #, c-format + msgid "blkend: size: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7165 ++#: vms-alpha.c:7166 + #, c-format + msgid "typspec (len: %u)\n" + msgstr "" + +-#: vms-alpha.c:7172 ++#: vms-alpha.c:7173 + #, c-format + msgid "septyp, name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:7181 ++#: vms-alpha.c:7182 + #, c-format + msgid "recbeg: name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:7183 ++#: vms-alpha.c:7184 + #, c-format + msgid " len: %u bits\n" + msgstr "" + +-#: vms-alpha.c:7188 ++#: vms-alpha.c:7189 + #, c-format + msgid "recend\n" + msgstr "" + +-#: vms-alpha.c:7192 ++#: vms-alpha.c:7193 + #, c-format + msgid "enumbeg, len: %u, name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:7196 ++#: vms-alpha.c:7197 + #, c-format + msgid "enumelt, name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:7200 ++#: vms-alpha.c:7201 + #, c-format + msgid "enumend\n" + msgstr "" + +-#: vms-alpha.c:7205 ++#: vms-alpha.c:7206 + #, c-format + msgid "label, name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:7207 ++#: vms-alpha.c:7208 + #, c-format + msgid " address: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7217 ++#: vms-alpha.c:7218 + #, c-format + msgid "discontiguous range (nbr: %u)\n" + msgstr "" + +-#: vms-alpha.c:7220 ++#: vms-alpha.c:7221 + #, c-format + msgid " address: 0x%08x, size: %u\n" + msgstr "" + +-#: vms-alpha.c:7230 ++#: vms-alpha.c:7231 + #, c-format + msgid "line num (len: %u)\n" + msgstr "" + +-#: vms-alpha.c:7247 ++#: vms-alpha.c:7248 + #, c-format + msgid "delta_pc_w %u\n" + msgstr "" + +-#: vms-alpha.c:7254 ++#: vms-alpha.c:7255 + #, c-format + msgid "incr_linum(b): +%u\n" + msgstr "" + +-#: vms-alpha.c:7260 ++#: vms-alpha.c:7261 + #, c-format + msgid "incr_linum_w: +%u\n" + msgstr "" + +-#: vms-alpha.c:7266 ++#: vms-alpha.c:7267 + #, c-format + msgid "incr_linum_l: +%u\n" + msgstr "" + +-#: vms-alpha.c:7272 ++#: vms-alpha.c:7273 + #, c-format + msgid "set_line_num(w) %u\n" + msgstr "" + +-#: vms-alpha.c:7277 ++#: vms-alpha.c:7278 + #, c-format + msgid "set_line_num_b %u\n" + msgstr "" + +-#: vms-alpha.c:7282 ++#: vms-alpha.c:7283 + #, c-format + msgid "set_line_num_l %u\n" + msgstr "" + +-#: vms-alpha.c:7287 ++#: vms-alpha.c:7288 + #, c-format + msgid "set_abs_pc: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7291 ++#: vms-alpha.c:7292 + #, c-format + msgid "delta_pc_l: +0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7296 ++#: vms-alpha.c:7297 + #, c-format + msgid "term(b): 0x%02x" + msgstr "" + +-#: vms-alpha.c:7298 ++#: vms-alpha.c:7299 + #, c-format + msgid " pc: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7303 ++#: vms-alpha.c:7304 + #, c-format + msgid "term_w: 0x%04x" + msgstr "" + +-#: vms-alpha.c:7305 ++#: vms-alpha.c:7306 + #, c-format + msgid " pc: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7311 ++#: vms-alpha.c:7312 + #, c-format + msgid "delta pc +%-4d" + msgstr "" + +-#: vms-alpha.c:7315 ++#: vms-alpha.c:7316 + #, c-format + msgid " pc: 0x%08x line: %5u\n" + msgstr "" + +-#: vms-alpha.c:7320 ++#: vms-alpha.c:7321 + #, c-format + msgid " *unhandled* cmd %u\n" + msgstr "" + +-#: vms-alpha.c:7335 ++#: vms-alpha.c:7336 + #, c-format + msgid "source (len: %u)\n" + msgstr "" + +-#: vms-alpha.c:7350 ++#: vms-alpha.c:7351 + #, c-format + msgid " declfile: len: %u, flags: %u, fileid: %u\n" + msgstr "" + +-#: vms-alpha.c:7355 ++#: vms-alpha.c:7356 + #, c-format + msgid " rms: cdt: 0x%08x %08x, ebk: 0x%08x, ffb: 0x%04x, rfo: %u\n" + msgstr "" + +-#: vms-alpha.c:7364 ++#: vms-alpha.c:7365 + #, c-format + msgid " filename : %.*s\n" + msgstr "" + +-#: vms-alpha.c:7373 ++#: vms-alpha.c:7374 + #, c-format + msgid " setfile %u\n" + msgstr "" + +-#: vms-alpha.c:7378 vms-alpha.c:7383 ++#: vms-alpha.c:7379 vms-alpha.c:7384 + #, c-format + msgid " setrec %u\n" + msgstr "" + +-#: vms-alpha.c:7388 vms-alpha.c:7393 ++#: vms-alpha.c:7389 vms-alpha.c:7394 + #, c-format + msgid " setlnum %u\n" + msgstr "" + +-#: vms-alpha.c:7398 vms-alpha.c:7403 ++#: vms-alpha.c:7399 vms-alpha.c:7404 + #, c-format + msgid " deflines %u\n" + msgstr "" + +-#: vms-alpha.c:7407 ++#: vms-alpha.c:7408 + #, c-format + msgid " formfeed\n" + msgstr "" + +-#: vms-alpha.c:7411 ++#: vms-alpha.c:7412 + #, c-format + msgid " *unhandled* cmd %u\n" + msgstr "" + +-#: vms-alpha.c:7423 ++#: vms-alpha.c:7424 + #, c-format + msgid "*unhandled* dst type %u\n" + msgstr "" + +-#: vms-alpha.c:7455 ++#: vms-alpha.c:7456 + #, c-format + msgid "cannot read EIHD\n" + msgstr "" + +-#: vms-alpha.c:7459 ++#: vms-alpha.c:7460 + #, c-format + msgid "EIHD: (size: %u, nbr blocks: %u)\n" + msgstr "" + +-#: vms-alpha.c:7463 ++#: vms-alpha.c:7464 + #, c-format + msgid " majorid: %u, minorid: %u\n" + msgstr "" + +-#: vms-alpha.c:7471 ++#: vms-alpha.c:7472 + msgid "executable" + msgstr "" + +-#: vms-alpha.c:7474 ++#: vms-alpha.c:7475 + msgid "linkable image" + msgstr "" + +-#: vms-alpha.c:7481 ++#: vms-alpha.c:7482 + #, c-format + msgid " image type: %u (%s)" + msgstr "" + +-#: vms-alpha.c:7487 ++#: vms-alpha.c:7488 + msgid "native" + msgstr "" + +-#: vms-alpha.c:7490 ++#: vms-alpha.c:7491 + msgid "CLI" + msgstr "" + +-#: vms-alpha.c:7497 ++#: vms-alpha.c:7498 + #, c-format + msgid ", subtype: %u (%s)\n" + msgstr "" + +-#: vms-alpha.c:7504 ++#: vms-alpha.c:7505 + #, c-format + msgid " offsets: isd: %u, activ: %u, symdbg: %u, imgid: %u, patch: %u\n" + msgstr "" + +-#: vms-alpha.c:7508 ++#: vms-alpha.c:7509 + #, c-format + msgid " fixup info rva: " + msgstr "" + +-#: vms-alpha.c:7510 ++#: vms-alpha.c:7511 + #, c-format + msgid ", symbol vector rva: " + msgstr "" + +-#: vms-alpha.c:7513 ++#: vms-alpha.c:7514 + #, c-format + msgid "" + "\n" + " version array off: %u\n" + msgstr "" + +-#: vms-alpha.c:7518 ++#: vms-alpha.c:7519 + #, c-format + msgid " img I/O count: %u, nbr channels: %u, req pri: %08x%08x\n" + msgstr "" + +-#: vms-alpha.c:7524 ++#: vms-alpha.c:7525 + #, c-format + msgid " linker flags: %08x:" + msgstr "" + +-#: vms-alpha.c:7555 ++#: vms-alpha.c:7556 + #, c-format + msgid " ident: 0x%08x, sysver: 0x%08x, match ctrl: %u, symvect_size: %u\n" + msgstr "" + +-#: vms-alpha.c:7561 ++#: vms-alpha.c:7562 + #, c-format + msgid " BPAGE: %u" + msgstr "" + +-#: vms-alpha.c:7568 ++#: vms-alpha.c:7569 + #, c-format + msgid ", ext fixup offset: %u, no_opt psect off: %u" + msgstr "" + +-#: vms-alpha.c:7571 ++#: vms-alpha.c:7572 + #, c-format + msgid ", alias: %u\n" + msgstr "" + +-#: vms-alpha.c:7579 ++#: vms-alpha.c:7580 + #, c-format + msgid "system version array information:\n" + msgstr "" + +-#: vms-alpha.c:7583 ++#: vms-alpha.c:7584 + #, c-format + msgid "cannot read EIHVN header\n" + msgstr "" + +-#: vms-alpha.c:7593 ++#: vms-alpha.c:7594 + #, c-format + msgid "cannot read EIHVN version\n" + msgstr "" + +-#: vms-alpha.c:7596 ++#: vms-alpha.c:7597 + #, c-format + msgid " %02u " + msgstr "" + +-#: vms-alpha.c:7600 ++#: vms-alpha.c:7601 + msgid "BASE_IMAGE " + msgstr "" + +-#: vms-alpha.c:7603 ++#: vms-alpha.c:7604 + msgid "MEMORY_MANAGEMENT" + msgstr "" + +-#: vms-alpha.c:7606 ++#: vms-alpha.c:7607 + msgid "IO " + msgstr "" + +-#: vms-alpha.c:7609 ++#: vms-alpha.c:7610 + msgid "FILES_VOLUMES " + msgstr "" + +-#: vms-alpha.c:7612 ++#: vms-alpha.c:7613 + msgid "PROCESS_SCHED " + msgstr "" + +-#: vms-alpha.c:7615 ++#: vms-alpha.c:7616 + msgid "SYSGEN " + msgstr "" + +-#: vms-alpha.c:7618 ++#: vms-alpha.c:7619 + msgid "CLUSTERS_LOCKMGR " + msgstr "" + +-#: vms-alpha.c:7621 ++#: vms-alpha.c:7622 + msgid "LOGICAL_NAMES " + msgstr "" + +-#: vms-alpha.c:7624 ++#: vms-alpha.c:7625 + msgid "SECURITY " + msgstr "" + +-#: vms-alpha.c:7627 ++#: vms-alpha.c:7628 + msgid "IMAGE_ACTIVATOR " + msgstr "" + +-#: vms-alpha.c:7630 ++#: vms-alpha.c:7631 + msgid "NETWORKS " + msgstr "" + +-#: vms-alpha.c:7633 ++#: vms-alpha.c:7634 + msgid "COUNTERS " + msgstr "" + +-#: vms-alpha.c:7636 ++#: vms-alpha.c:7637 + msgid "STABLE " + msgstr "" + +-#: vms-alpha.c:7639 ++#: vms-alpha.c:7640 + msgid "MISC " + msgstr "" + +-#: vms-alpha.c:7642 ++#: vms-alpha.c:7643 + msgid "CPU " + msgstr "" + +-#: vms-alpha.c:7645 ++#: vms-alpha.c:7646 + msgid "VOLATILE " + msgstr "" + +-#: vms-alpha.c:7648 ++#: vms-alpha.c:7649 + msgid "SHELL " + msgstr "" + +-#: vms-alpha.c:7651 ++#: vms-alpha.c:7652 + msgid "POSIX " + msgstr "" + +-#: vms-alpha.c:7654 ++#: vms-alpha.c:7655 + msgid "MULTI_PROCESSING " + msgstr "" + +-#: vms-alpha.c:7657 ++#: vms-alpha.c:7658 + msgid "GALAXY " + msgstr "" + +-#: vms-alpha.c:7660 ++#: vms-alpha.c:7661 + msgid "*unknown* " + msgstr "" + +-#: vms-alpha.c:7676 vms-alpha.c:7951 ++#: vms-alpha.c:7677 vms-alpha.c:7952 + #, c-format + msgid "cannot read EIHA\n" + msgstr "" + +-#: vms-alpha.c:7679 ++#: vms-alpha.c:7680 + #, c-format + msgid "Image activation: (size=%u)\n" + msgstr "" + +-#: vms-alpha.c:7682 ++#: vms-alpha.c:7683 + #, c-format + msgid " First address : 0x%08x 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7686 ++#: vms-alpha.c:7687 + #, c-format + msgid " Second address: 0x%08x 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7690 ++#: vms-alpha.c:7691 + #, c-format + msgid " Third address : 0x%08x 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7694 ++#: vms-alpha.c:7695 + #, c-format + msgid " Fourth address: 0x%08x 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7698 ++#: vms-alpha.c:7699 + #, c-format + msgid " Shared image : 0x%08x 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7709 ++#: vms-alpha.c:7710 + #, c-format + msgid "cannot read EIHI\n" + msgstr "" + +-#: vms-alpha.c:7713 ++#: vms-alpha.c:7714 + #, c-format + msgid "Image identification: (major: %u, minor: %u)\n" + msgstr "" + +-#: vms-alpha.c:7716 ++#: vms-alpha.c:7717 + #, c-format + msgid " image name : %.*s\n" + msgstr "" + +-#: vms-alpha.c:7718 ++#: vms-alpha.c:7719 + #, c-format + msgid " link time : %s\n" + msgstr "" + +-#: vms-alpha.c:7720 ++#: vms-alpha.c:7721 + #, c-format + msgid " image ident : %.*s\n" + msgstr "" + +-#: vms-alpha.c:7722 ++#: vms-alpha.c:7723 + #, c-format + msgid " linker ident : %.*s\n" + msgstr "" + +-#: vms-alpha.c:7724 ++#: vms-alpha.c:7725 + #, c-format + msgid " image build ident: %.*s\n" + msgstr "" + +-#: vms-alpha.c:7734 ++#: vms-alpha.c:7735 + #, c-format + msgid "cannot read EIHS\n" + msgstr "" + +-#: vms-alpha.c:7738 ++#: vms-alpha.c:7739 + #, c-format + msgid "Image symbol & debug table: (major: %u, minor: %u)\n" + msgstr "" + +-#: vms-alpha.c:7744 ++#: vms-alpha.c:7745 + #, c-format + msgid " debug symbol table : vbn: %u, size: %u (0x%x)\n" + msgstr "" + +-#: vms-alpha.c:7749 ++#: vms-alpha.c:7750 + #, c-format + msgid " global symbol table: vbn: %u, records: %u\n" + msgstr "" + +-#: vms-alpha.c:7754 ++#: vms-alpha.c:7755 + #, c-format + msgid " debug module table : vbn: %u, size: %u\n" + msgstr "" + +-#: vms-alpha.c:7767 ++#: vms-alpha.c:7768 + #, c-format + msgid "cannot read EISD\n" + msgstr "" + +-#: vms-alpha.c:7778 ++#: vms-alpha.c:7779 + #, c-format + msgid "" + "Image section descriptor: (major: %u, minor: %u, size: %u, offset: %u)\n" + msgstr "" + +-#: vms-alpha.c:7786 ++#: vms-alpha.c:7787 + #, c-format + msgid " section: base: 0x%08x%08x size: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7791 ++#: vms-alpha.c:7792 + #, c-format + msgid " flags: 0x%04x" + msgstr "" + +-#: vms-alpha.c:7829 ++#: vms-alpha.c:7830 + #, c-format + msgid " vbn: %u, pfc: %u, matchctl: %u type: %u (" + msgstr "" + +-#: vms-alpha.c:7835 ++#: vms-alpha.c:7836 + msgid "NORMAL" + msgstr "" + +-#: vms-alpha.c:7838 ++#: vms-alpha.c:7839 + msgid "SHRFXD" + msgstr "" + +-#: vms-alpha.c:7841 ++#: vms-alpha.c:7842 + msgid "PRVFXD" + msgstr "" + +-#: vms-alpha.c:7844 ++#: vms-alpha.c:7845 + msgid "SHRPIC" + msgstr "" + +-#: vms-alpha.c:7847 ++#: vms-alpha.c:7848 + msgid "PRVPIC" + msgstr "" + +-#: vms-alpha.c:7850 ++#: vms-alpha.c:7851 + msgid "USRSTACK" + msgstr "" + +-#: vms-alpha.c:7856 ++#: vms-alpha.c:7857 + msgid ")\n" + msgstr "" + +-#: vms-alpha.c:7859 ++#: vms-alpha.c:7860 + #, c-format + msgid " ident: 0x%08x, name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:7869 ++#: vms-alpha.c:7870 + #, c-format + msgid "cannot read DMT\n" + msgstr "" + +-#: vms-alpha.c:7873 ++#: vms-alpha.c:7874 + #, c-format + msgid "Debug module table:\n" + msgstr "" + +-#: vms-alpha.c:7882 ++#: vms-alpha.c:7883 + #, c-format + msgid "cannot read DMT header\n" + msgstr "" + +-#: vms-alpha.c:7888 ++#: vms-alpha.c:7889 + #, c-format + msgid " module offset: 0x%08x, size: 0x%08x, (%u psects)\n" + msgstr "" + +-#: vms-alpha.c:7898 ++#: vms-alpha.c:7899 + #, c-format + msgid "cannot read DMT psect\n" + msgstr "" + +-#: vms-alpha.c:7902 ++#: vms-alpha.c:7903 + #, c-format + msgid " psect start: 0x%08x, length: %u\n" + msgstr "" + +-#: vms-alpha.c:7915 ++#: vms-alpha.c:7916 + #, c-format + msgid "cannot read DST\n" + msgstr "" + +-#: vms-alpha.c:7925 ++#: vms-alpha.c:7926 + #, c-format + msgid "cannot read GST\n" + msgstr "" + +-#: vms-alpha.c:7929 ++#: vms-alpha.c:7930 + #, c-format + msgid "Global symbol table:\n" + msgstr "" + +-#: vms-alpha.c:7958 ++#: vms-alpha.c:7959 + #, c-format + msgid "Image activator fixup: (major: %u, minor: %u)\n" + msgstr "" + +-#: vms-alpha.c:7962 ++#: vms-alpha.c:7963 + #, c-format + msgid " iaflink : 0x%08x %08x\n" + msgstr "" + +-#: vms-alpha.c:7966 ++#: vms-alpha.c:7967 + #, c-format + msgid " fixuplnk: 0x%08x %08x\n" + msgstr "" + +-#: vms-alpha.c:7969 ++#: vms-alpha.c:7970 + #, c-format + msgid " size : %u\n" + msgstr "" + +-#: vms-alpha.c:7971 ++#: vms-alpha.c:7972 + #, c-format + msgid " flags: 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:7976 ++#: vms-alpha.c:7977 + #, c-format + msgid " qrelfixoff: %5u, lrelfixoff: %5u\n" + msgstr "" + +-#: vms-alpha.c:7981 ++#: vms-alpha.c:7982 + #, c-format + msgid " qdotadroff: %5u, ldotadroff: %5u\n" + msgstr "" + +-#: vms-alpha.c:7986 ++#: vms-alpha.c:7987 + #, c-format + msgid " codeadroff: %5u, lpfixoff : %5u\n" + msgstr "" + +-#: vms-alpha.c:7989 ++#: vms-alpha.c:7990 + #, c-format + msgid " chgprtoff : %5u\n" + msgstr "" + +-#: vms-alpha.c:7993 ++#: vms-alpha.c:7994 + #, c-format + msgid " shlstoff : %5u, shrimgcnt : %5u\n" + msgstr "" + +-#: vms-alpha.c:7996 ++#: vms-alpha.c:7997 + #, c-format + msgid " shlextra : %5u, permctx : %5u\n" + msgstr "" + +-#: vms-alpha.c:7999 ++#: vms-alpha.c:8000 + #, c-format + msgid " base_va : 0x%08x\n" + msgstr "" + +-#: vms-alpha.c:8001 ++#: vms-alpha.c:8002 + #, c-format + msgid " lppsbfixoff: %5u\n" + msgstr "" + +-#: vms-alpha.c:8009 ++#: vms-alpha.c:8010 + #, c-format + msgid " Shareable images:\n" + msgstr "" + +-#: vms-alpha.c:8014 ++#: vms-alpha.c:8015 + #, c-format + msgid " %u: size: %u, flags: 0x%02x, name: %.*s\n" + msgstr "" + +-#: vms-alpha.c:8021 ++#: vms-alpha.c:8022 + #, c-format + msgid " quad-word relocation fixups:\n" + msgstr "" + +-#: vms-alpha.c:8026 ++#: vms-alpha.c:8027 + #, c-format + msgid " long-word relocation fixups:\n" + msgstr "" + +-#: vms-alpha.c:8031 ++#: vms-alpha.c:8032 + #, c-format + msgid " quad-word .address reference fixups:\n" + msgstr "" + +-#: vms-alpha.c:8036 ++#: vms-alpha.c:8037 + #, c-format + msgid " long-word .address reference fixups:\n" + msgstr "" + +-#: vms-alpha.c:8041 ++#: vms-alpha.c:8042 + #, c-format + msgid " Code Address Reference Fixups:\n" + msgstr "" + +-#: vms-alpha.c:8046 ++#: vms-alpha.c:8047 + #, c-format + msgid " Linkage Pairs Reference Fixups:\n" + msgstr "" + +-#: vms-alpha.c:8055 ++#: vms-alpha.c:8056 + #, c-format + msgid " Change Protection (%u entries):\n" + msgstr "" + +-#: vms-alpha.c:8061 ++#: vms-alpha.c:8062 + #, c-format + msgid " base: 0x%08x %08x, size: 0x%08x, prot: 0x%08x " + msgstr "" + + #. FIXME: we do not yet support relocatable link. It is not obvious + #. how to do it for debug infos. +-#: vms-alpha.c:8901 ++#: vms-alpha.c:8902 + msgid "%P: relocatable link is not supported\n" + msgstr "" + +-#: vms-alpha.c:8972 ++#: vms-alpha.c:8973 + #, c-format +-msgid "%P: multiple entry points: in modules %B and %B\n" ++msgid "%P: multiple entry points: in modules %pB and %pB\n" + msgstr "" + + #: vms-lib.c:1445 +@@ -8537,7 +8508,7 @@ msgstr "" + #: peigen.c:1906 peigen.c:2103 pepigen.c:1906 pepigen.c:2103 pex64igen.c:1906 + #: pex64igen.c:2103 + #, c-format +-msgid "Warning, .pdata section size (%ld) is not a multiple of %d\n" ++msgid "warning, .pdata section size (%ld) is not a multiple of %d\n" + msgstr "" + + #: peigen.c:1910 peigen.c:2107 pepigen.c:1910 pepigen.c:2107 pex64igen.c:1910 +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,9 @@ ++2018-04-24 Nick Clifton <nickc@redhat.com> ++ ++ PR 23110 ++ * peXXigen.c (_bfd_XX_bfd_copy_private_bfd_data_common): Check for ++ a negative PE_DEBUG_DATA size before iterating over the debug data. ++ + 2018-04-17 Nick Clifton <nickc@redhat.com> + + PR 23065 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-10535.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-10535.patch new file mode 100644 index 0000000000..29b834337e --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-10535.patch @@ -0,0 +1,63 @@ +From db0c309f4011ca94a4abc8458e27f3734dab92ac Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 24 Apr 2018 16:57:04 +0100 +Subject: [PATCH] Fix an illegal memory access when trying to copy an ELF + binary with corrupt section symbols. + + PR 23113 + * elf.c (ignore_section_sym): Check for the output_section pointer + being NULL before dereferencing it. + +Upstream-Status: Backport +Affects: <= 2.30 +CVE: CVE-2018-10535 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 4 ++++ + bfd/elf.c | 9 ++++++++- + 2 files changed, 12 insertions(+), 1 deletion(-) + +Index: git/bfd/elf.c +=================================================================== +--- git.orig/bfd/elf.c ++++ git/bfd/elf.c +@@ -3994,15 +3994,22 @@ ignore_section_sym (bfd *abfd, asymbol * + { + elf_symbol_type *type_ptr; + ++ if (sym == NULL) ++ return FALSE; ++ + if ((sym->flags & BSF_SECTION_SYM) == 0) + return FALSE; + ++ if (sym->section == NULL) ++ return TRUE; ++ + type_ptr = elf_symbol_from (abfd, sym); + return ((type_ptr != NULL + && type_ptr->internal_elf_sym.st_shndx != 0 + && bfd_is_abs_section (sym->section)) + || !(sym->section->owner == abfd +- || (sym->section->output_section->owner == abfd ++ || (sym->section->output_section != NULL ++ && sym->section->output_section->owner == abfd + && sym->section->output_offset == 0) + || bfd_is_abs_section (sym->section))); + } +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,4 +1,10 @@ + 2018-04-24 Nick Clifton <nickc@redhat.com> ++ ++ PR 23113 ++ * elf.c (ignore_section_sym): Check for the output_section pointer ++ being NULL before dereferencing it. ++ ++2018-04-24 Nick Clifton <nickc@redhat.com> + + PR 23110 + * peXXigen.c (_bfd_XX_bfd_copy_private_bfd_data_common): Check for diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-13033.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-13033.patch new file mode 100644 index 0000000000..3fa852c951 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-13033.patch @@ -0,0 +1,71 @@ +From 95a6d23566165208853a68d9cd3c6eedca840ec6 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 8 May 2018 12:51:06 +0100 +Subject: [PATCH] Prevent a memory exhaustion failure when running objdump on a + fuzzed input file with corrupt string and attribute sections. + + PR 22809 + * elf.c (bfd_elf_get_str_section): Check for an excessively large + string section. + * elf-attrs.c (_bfd_elf_parse_attributes): Issue an error if the + attribute section is larger than the size of the file. + +Upstream-Status: Backport +Affects: <= 2.30 +CVE: CVE-2018-13033 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 8 ++++++++ + bfd/elf-attrs.c | 9 +++++++++ + bfd/elf.c | 1 + + 3 files changed, 18 insertions(+) + +Index: git/bfd/elf-attrs.c +=================================================================== +--- git.orig/bfd/elf-attrs.c ++++ git/bfd/elf-attrs.c +@@ -438,6 +438,15 @@ _bfd_elf_parse_attributes (bfd *abfd, El + /* PR 17512: file: 2844a11d. */ + if (hdr->sh_size == 0) + return; ++ if (hdr->sh_size > bfd_get_file_size (abfd)) ++ { ++ /* xgettext:c-format */ ++ _bfd_error_handler (_("%pB: error: attribute section '%pA' too big: %#llx"), ++ abfd, hdr->bfd_section, (long long) hdr->sh_size); ++ bfd_set_error (bfd_error_invalid_operation); ++ return; ++ } ++ + contents = (bfd_byte *) bfd_malloc (hdr->sh_size + 1); + if (!contents) + return; +Index: git/bfd/elf.c +=================================================================== +--- git.orig/bfd/elf.c ++++ git/bfd/elf.c +@@ -297,6 +297,7 @@ bfd_elf_get_str_section (bfd *abfd, unsi + /* Allocate and clear an extra byte at the end, to prevent crashes + in case the string table is not terminated. */ + if (shstrtabsize + 1 <= 1 ++ || shstrtabsize > bfd_get_file_size (abfd) + || bfd_seek (abfd, offset, SEEK_SET) != 0 + || (shstrtab = (bfd_byte *) bfd_alloc (abfd, shstrtabsize + 1)) == NULL) + shstrtab = NULL; +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,11 @@ ++2018-05-08 Nick Clifton <nickc@redhat.com> ++ ++ PR 22809 ++ * elf.c (bfd_elf_get_str_section): Check for an excessively large ++ string section. ++ * elf-attrs.c (_bfd_elf_parse_attributes): Issue an error if the ++ attribute section is larger than the size of the file. ++ + 2018-04-24 Nick Clifton <nickc@redhat.com> + + PR 23113 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-6323.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-6323.patch new file mode 100644 index 0000000000..2c6b1b2427 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-6323.patch @@ -0,0 +1,55 @@ +From 38e64b0ecc7f4ee64a02514b8d532782ac057fa2 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Thu, 25 Jan 2018 21:47:41 +1030 +Subject: [PATCH] PR22746, crash when running 32-bit objdump on corrupted file + +Avoid unsigned int overflow by performing bfd_size_type multiplication. + + PR 22746 + * elfcode.h (elf_object_p): Avoid integer overflow. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2018-6323 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 5 +++++ + bfd/elfcode.h | 4 ++-- + 2 files changed, 7 insertions(+), 2 deletions(-) + +Index: git/bfd/elfcode.h +=================================================================== +--- git.orig/bfd/elfcode.h ++++ git/bfd/elfcode.h +@@ -680,7 +680,7 @@ elf_object_p (bfd *abfd) + if (i_ehdrp->e_shnum > ((bfd_size_type) -1) / sizeof (*i_shdrp)) + goto got_wrong_format_error; + #endif +- amt = sizeof (*i_shdrp) * i_ehdrp->e_shnum; ++ amt = sizeof (*i_shdrp) * (bfd_size_type) i_ehdrp->e_shnum; + i_shdrp = (Elf_Internal_Shdr *) bfd_alloc (abfd, amt); + if (!i_shdrp) + goto got_no_match; +@@ -776,7 +776,7 @@ elf_object_p (bfd *abfd) + if (i_ehdrp->e_phnum > ((bfd_size_type) -1) / sizeof (*i_phdr)) + goto got_wrong_format_error; + #endif +- amt = i_ehdrp->e_phnum * sizeof (*i_phdr); ++ amt = (bfd_size_type) i_ehdrp->e_phnum * sizeof (*i_phdr); + elf_tdata (abfd)->phdr = (Elf_Internal_Phdr *) bfd_alloc (abfd, amt); + if (elf_tdata (abfd)->phdr == NULL) + goto got_no_match; +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,8 @@ ++2018-01-25 Alan Modra <amodra@gmail.com> ++ ++ PR 22746 ++ * elfcode.h (elf_object_p): Avoid integer overflow. ++ + 2018-05-08 Nick Clifton <nickc@redhat.com> + + PR 22809 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-6759.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-6759.patch new file mode 100644 index 0000000000..3b0e98a0a3 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-6759.patch @@ -0,0 +1,108 @@ +From 64e234d417d5685a4aec0edc618114d9991c031b Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 6 Feb 2018 15:48:29 +0000 +Subject: [PATCH] Prevent attempts to call strncpy with a zero-length field by + chacking the size of debuglink sections. + + PR 22794 + * opncls.c (bfd_get_debug_link_info_1): Check the size of the + section before attempting to read it in. + (bfd_get_alt_debug_link_info): Likewise. + +Upstream-Status: Backport +Affects: <= 2.30 +CVE: CVE-2018-6759 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 7 +++++++ + bfd/opncls.c | 22 +++++++++++++++++----- + 2 files changed, 24 insertions(+), 5 deletions(-) + +Index: git/bfd/opncls.c +=================================================================== +--- git.orig/bfd/opncls.c ++++ git/bfd/opncls.c +@@ -1179,6 +1179,7 @@ bfd_get_debug_link_info_1 (bfd *abfd, vo + bfd_byte *contents; + unsigned int crc_offset; + char *name; ++ bfd_size_type size; + + BFD_ASSERT (abfd); + BFD_ASSERT (crc32_out); +@@ -1188,6 +1189,12 @@ bfd_get_debug_link_info_1 (bfd *abfd, vo + if (sect == NULL) + return NULL; + ++ size = bfd_get_section_size (sect); ++ ++ /* PR 22794: Make sure that the section has a reasonable size. */ ++ if (size < 8 || size >= bfd_get_size (abfd)) ++ return NULL; ++ + if (!bfd_malloc_and_get_section (abfd, sect, &contents)) + { + if (contents != NULL) +@@ -1197,10 +1204,10 @@ bfd_get_debug_link_info_1 (bfd *abfd, vo + + /* CRC value is stored after the filename, aligned up to 4 bytes. */ + name = (char *) contents; +- /* PR 17597: avoid reading off the end of the buffer. */ +- crc_offset = strnlen (name, bfd_get_section_size (sect)) + 1; ++ /* PR 17597: Avoid reading off the end of the buffer. */ ++ crc_offset = strnlen (name, size) + 1; + crc_offset = (crc_offset + 3) & ~3; +- if (crc_offset + 4 > bfd_get_section_size (sect)) ++ if (crc_offset + 4 > size) + return NULL; + + *crc32 = bfd_get_32 (abfd, contents + crc_offset); +@@ -1261,6 +1268,7 @@ bfd_get_alt_debug_link_info (bfd * abfd, + bfd_byte *contents; + unsigned int buildid_offset; + char *name; ++ bfd_size_type size; + + BFD_ASSERT (abfd); + BFD_ASSERT (buildid_len); +@@ -1271,6 +1279,10 @@ bfd_get_alt_debug_link_info (bfd * abfd, + if (sect == NULL) + return NULL; + ++ size = bfd_get_section_size (sect); ++ if (size < 8 || size >= bfd_get_size (abfd)) ++ return NULL; ++ + if (!bfd_malloc_and_get_section (abfd, sect, & contents)) + { + if (contents != NULL) +@@ -1280,11 +1292,11 @@ bfd_get_alt_debug_link_info (bfd * abfd, + + /* BuildID value is stored after the filename. */ + name = (char *) contents; +- buildid_offset = strnlen (name, bfd_get_section_size (sect)) + 1; ++ buildid_offset = strnlen (name, size) + 1; + if (buildid_offset >= bfd_get_section_size (sect)) + return NULL; + +- *buildid_len = bfd_get_section_size (sect) - buildid_offset; ++ *buildid_len = size - buildid_offset; + *buildid_out = bfd_malloc (*buildid_len); + memcpy (*buildid_out, contents + buildid_offset, *buildid_len); + +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,10 @@ ++2018-02-06 Nick Clifton <nickc@redhat.com> ++ ++ PR 22794 ++ * opncls.c (bfd_get_debug_link_info_1): Check the size of the ++ section before attempting to read it in. ++ (bfd_get_alt_debug_link_info): Likewise. ++ + 2018-01-25 Alan Modra <amodra@gmail.com> + + PR 22746 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-7208.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-7208.patch new file mode 100644 index 0000000000..7d78db7eb3 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-7208.patch @@ -0,0 +1,47 @@ +From eb77f6a4621795367a39cdd30957903af9dbb815 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sat, 27 Jan 2018 08:19:33 +1030 +Subject: [PATCH] PR22741, objcopy segfault on fuzzed COFF object + + PR 22741 + * coffgen.c (coff_pointerize_aux): Ensure auxent tagndx is in + range before converting to a symbol table pointer. + +Upstream-Status: Backport +Affects: <= 2.30 +CVE: CVE-2018-7208 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/coffgen.c | 3 ++- + 2 files changed, 8 insertions(+), 1 deletion(-) + +Index: git/bfd/coffgen.c +=================================================================== +--- git.orig/bfd/coffgen.c ++++ git/bfd/coffgen.c +@@ -1555,7 +1555,8 @@ coff_pointerize_aux (bfd *abfd, + } + /* A negative tagndx is meaningless, but the SCO 3.2v4 cc can + generate one, so we must be careful to ignore it. */ +- if (auxent->u.auxent.x_sym.x_tagndx.l > 0) ++ if ((unsigned long) auxent->u.auxent.x_sym.x_tagndx.l ++ < obj_raw_syment_count (abfd)) + { + auxent->u.auxent.x_sym.x_tagndx.p = + table_base + auxent->u.auxent.x_sym.x_tagndx.l; +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,9 @@ ++2018-01-29 Alan Modra <amodra@gmail.com> ++ ++ PR 22741 ++ * coffgen.c (coff_pointerize_aux): Ensure auxent tagndx is in ++ range before converting to a symbol table pointer. ++ + 2018-02-06 Nick Clifton <nickc@redhat.com> + + PR 22794 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-7568_p1.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-7568_p1.patch new file mode 100644 index 0000000000..b014080a7e --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-7568_p1.patch @@ -0,0 +1,161 @@ +From 1da5c9a485f3dcac4c45e96ef4b7dae5948314b5 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Mon, 25 Sep 2017 20:20:38 +0930 +Subject: [PATCH] PR22202, buffer overflow in parse_die + +There was a complete lack of sanity checking in dwarf1.c + + PR 22202 + * dwarf1.c (parse_die): Sanity check pointer against section limit + before dereferencing. + (parse_line_table): Likewise. + +Upstream-Status: Backport +Affects: <= 2.30 +CVE: CVE-2018-7568 patch1 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 7 +++++++ + bfd/dwarf1.c | 56 ++++++++++++++++++++++++++++++++++++++------------------ + 2 files changed, 45 insertions(+), 18 deletions(-) + +Index: git/bfd/dwarf1.c +=================================================================== +--- git.orig/bfd/dwarf1.c ++++ git/bfd/dwarf1.c +@@ -189,11 +189,14 @@ parse_die (bfd * abfd, + memset (aDieInfo, 0, sizeof (* aDieInfo)); + + /* First comes the length. */ +- aDieInfo->length = bfd_get_32 (abfd, (bfd_byte *) xptr); ++ if (xptr + 4 > aDiePtrEnd) ++ return FALSE; ++ aDieInfo->length = bfd_get_32 (abfd, xptr); + xptr += 4; + if (aDieInfo->length == 0 +- || (this_die + aDieInfo->length) >= aDiePtrEnd) ++ || this_die + aDieInfo->length > aDiePtrEnd) + return FALSE; ++ aDiePtrEnd = this_die + aDieInfo->length; + if (aDieInfo->length < 6) + { + /* Just padding bytes. */ +@@ -202,18 +205,20 @@ parse_die (bfd * abfd, + } + + /* Then the tag. */ +- aDieInfo->tag = bfd_get_16 (abfd, (bfd_byte *) xptr); ++ if (xptr + 2 > aDiePtrEnd) ++ return FALSE; ++ aDieInfo->tag = bfd_get_16 (abfd, xptr); + xptr += 2; + + /* Then the attributes. */ +- while (xptr < (this_die + aDieInfo->length)) ++ while (xptr + 2 <= aDiePtrEnd) + { + unsigned short attr; + + /* Parse the attribute based on its form. This section + must handle all dwarf1 forms, but need only handle the + actual attributes that we care about. */ +- attr = bfd_get_16 (abfd, (bfd_byte *) xptr); ++ attr = bfd_get_16 (abfd, xptr); + xptr += 2; + + switch (FORM_FROM_ATTR (attr)) +@@ -223,12 +228,15 @@ parse_die (bfd * abfd, + break; + case FORM_DATA4: + case FORM_REF: +- if (attr == AT_sibling) +- aDieInfo->sibling = bfd_get_32 (abfd, (bfd_byte *) xptr); +- else if (attr == AT_stmt_list) ++ if (xptr + 4 <= aDiePtrEnd) + { +- aDieInfo->stmt_list_offset = bfd_get_32 (abfd, (bfd_byte *) xptr); +- aDieInfo->has_stmt_list = 1; ++ if (attr == AT_sibling) ++ aDieInfo->sibling = bfd_get_32 (abfd, xptr); ++ else if (attr == AT_stmt_list) ++ { ++ aDieInfo->stmt_list_offset = bfd_get_32 (abfd, xptr); ++ aDieInfo->has_stmt_list = 1; ++ } + } + xptr += 4; + break; +@@ -236,22 +244,29 @@ parse_die (bfd * abfd, + xptr += 8; + break; + case FORM_ADDR: +- if (attr == AT_low_pc) +- aDieInfo->low_pc = bfd_get_32 (abfd, (bfd_byte *) xptr); +- else if (attr == AT_high_pc) +- aDieInfo->high_pc = bfd_get_32 (abfd, (bfd_byte *) xptr); ++ if (xptr + 4 <= aDiePtrEnd) ++ { ++ if (attr == AT_low_pc) ++ aDieInfo->low_pc = bfd_get_32 (abfd, xptr); ++ else if (attr == AT_high_pc) ++ aDieInfo->high_pc = bfd_get_32 (abfd, xptr); ++ } + xptr += 4; + break; + case FORM_BLOCK2: +- xptr += 2 + bfd_get_16 (abfd, (bfd_byte *) xptr); ++ if (xptr + 2 <= aDiePtrEnd) ++ xptr += bfd_get_16 (abfd, xptr); ++ xptr += 2; + break; + case FORM_BLOCK4: +- xptr += 4 + bfd_get_32 (abfd, (bfd_byte *) xptr); ++ if (xptr + 4 <= aDiePtrEnd) ++ xptr += bfd_get_32 (abfd, xptr); ++ xptr += 4; + break; + case FORM_STRING: + if (attr == AT_name) + aDieInfo->name = (char *) xptr; +- xptr += strlen ((char *) xptr) + 1; ++ xptr += strnlen ((char *) xptr, aDiePtrEnd - xptr) + 1; + break; + } + } +@@ -290,7 +305,7 @@ parse_line_table (struct dwarf1_debug* s + } + + xptr = stash->line_section + aUnit->stmt_list_offset; +- if (xptr < stash->line_section_end) ++ if (xptr + 8 <= stash->line_section_end) + { + unsigned long eachLine; + bfd_byte *tblend; +@@ -318,6 +333,11 @@ parse_line_table (struct dwarf1_debug* s + + for (eachLine = 0; eachLine < aUnit->line_count; eachLine++) + { ++ if (xptr + 10 > stash->line_section_end) ++ { ++ aUnit->line_count = eachLine; ++ break; ++ } + /* A line number. */ + aUnit->linenumber_table[eachLine].linenumber + = bfd_get_32 (stash->abfd, (bfd_byte *) xptr); +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,10 @@ ++2017-09-25 Alan Modra <amodra@gmail.com> ++ ++ PR 22202 ++ * dwarf1.c (parse_die): Sanity check pointer against section limit ++ before dereferencing. ++ (parse_line_table): Likewise. ++ + 2018-01-29 Alan Modra <amodra@gmail.com> + + PR 22741 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-7568_p2.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-7568_p2.patch new file mode 100644 index 0000000000..b5511d7d8a --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-7568_p2.patch @@ -0,0 +1,73 @@ +From eef104664efb52965d85a28bc3fc7c77e52e48e2 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Wed, 28 Feb 2018 10:13:54 +0000 +Subject: [PATCH] Fix potential integer overflow when reading corrupt dwarf1 + debug information. + + PR 22894 + * dwarf1.c (parse_die): Check the length of form blocks before + advancing the data pointer. + +Upstream-Status: Backport +Affects: <= 2.30 +CVE: CVE-2018-7568 patch2 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 6 ++++++ + bfd/dwarf1.c | 17 +++++++++++++++-- + 2 files changed, 21 insertions(+), 2 deletions(-) + +Index: git/bfd/dwarf1.c +=================================================================== +--- git.orig/bfd/dwarf1.c ++++ git/bfd/dwarf1.c +@@ -213,6 +213,7 @@ parse_die (bfd * abfd, + /* Then the attributes. */ + while (xptr + 2 <= aDiePtrEnd) + { ++ unsigned int block_len; + unsigned short attr; + + /* Parse the attribute based on its form. This section +@@ -255,12 +256,24 @@ parse_die (bfd * abfd, + break; + case FORM_BLOCK2: + if (xptr + 2 <= aDiePtrEnd) +- xptr += bfd_get_16 (abfd, xptr); ++ { ++ block_len = bfd_get_16 (abfd, xptr); ++ if (xptr + block_len > aDiePtrEnd ++ || xptr + block_len < xptr) ++ return FALSE; ++ xptr += block_len; ++ } + xptr += 2; + break; + case FORM_BLOCK4: + if (xptr + 4 <= aDiePtrEnd) +- xptr += bfd_get_32 (abfd, xptr); ++ { ++ block_len = bfd_get_32 (abfd, xptr); ++ if (xptr + block_len > aDiePtrEnd ++ || xptr + block_len < xptr) ++ return FALSE; ++ xptr += block_len; ++ } + xptr += 4; + break; + case FORM_STRING: +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,9 @@ ++2018-02-28 Nick Clifton <nickc@redhat.com> ++ ++ PR 22894 ++ * dwarf1.c (parse_die): Check the length of form blocks before ++ advancing the data pointer. ++ + 2017-09-25 Alan Modra <amodra@gmail.com> + + PR 22202 diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-7569.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-7569.patch new file mode 100644 index 0000000000..e77118bc13 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-7569.patch @@ -0,0 +1,120 @@ +From 12c963421d045a127c413a0722062b9932c50aa9 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Wed, 28 Feb 2018 11:50:49 +0000 +Subject: [PATCH] Catch integer overflows/underflows when parsing corrupt DWARF + FORM blocks. + + PR 22895 + PR 22893 + * dwarf2.c (read_n_bytes): Replace size parameter with dwarf_block + pointer. Drop unused abfd parameter. Check the size of the block + before initialising the data field. Return the end pointer if the + size is invalid. + (read_attribute_value): Adjust invocations of read_n_bytes. + +Upstream-Status: Backport +Affects: <= 2.30 +CVE: CVE-2018-7569 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 8 ++++++++ + bfd/dwarf2.c | 36 +++++++++++++++++++++--------------- + 2 files changed, 29 insertions(+), 15 deletions(-) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -649,14 +649,24 @@ read_8_bytes (bfd *abfd, bfd_byte *buf, + } + + static bfd_byte * +-read_n_bytes (bfd *abfd ATTRIBUTE_UNUSED, +- bfd_byte *buf, +- bfd_byte *end, +- unsigned int size ATTRIBUTE_UNUSED) +-{ +- if (buf + size > end) +- return NULL; +- return buf; ++read_n_bytes (bfd_byte * buf, ++ bfd_byte * end, ++ struct dwarf_block * block) ++{ ++ unsigned int size = block->size; ++ bfd_byte * block_end = buf + size; ++ ++ if (block_end > end || block_end < buf) ++ { ++ block->data = NULL; ++ block->size = 0; ++ return end; ++ } ++ else ++ { ++ block->data = buf; ++ return block_end; ++ } + } + + /* Scans a NUL terminated string starting at BUF, returning a pointer to it. +@@ -1154,8 +1164,7 @@ read_attribute_value (struct attribute * + return NULL; + blk->size = read_2_bytes (abfd, info_ptr, info_ptr_end); + info_ptr += 2; +- blk->data = read_n_bytes (abfd, info_ptr, info_ptr_end, blk->size); +- info_ptr += blk->size; ++ info_ptr = read_n_bytes (info_ptr, info_ptr_end, blk); + attr->u.blk = blk; + break; + case DW_FORM_block4: +@@ -1165,8 +1174,7 @@ read_attribute_value (struct attribute * + return NULL; + blk->size = read_4_bytes (abfd, info_ptr, info_ptr_end); + info_ptr += 4; +- blk->data = read_n_bytes (abfd, info_ptr, info_ptr_end, blk->size); +- info_ptr += blk->size; ++ info_ptr = read_n_bytes (info_ptr, info_ptr_end, blk); + attr->u.blk = blk; + break; + case DW_FORM_data2: +@@ -1206,8 +1214,7 @@ read_attribute_value (struct attribute * + blk->size = _bfd_safe_read_leb128 (abfd, info_ptr, &bytes_read, + FALSE, info_ptr_end); + info_ptr += bytes_read; +- blk->data = read_n_bytes (abfd, info_ptr, info_ptr_end, blk->size); +- info_ptr += blk->size; ++ info_ptr = read_n_bytes (info_ptr, info_ptr_end, blk); + attr->u.blk = blk; + break; + case DW_FORM_block1: +@@ -1217,8 +1224,7 @@ read_attribute_value (struct attribute * + return NULL; + blk->size = read_1_byte (abfd, info_ptr, info_ptr_end); + info_ptr += 1; +- blk->data = read_n_bytes (abfd, info_ptr, info_ptr_end, blk->size); +- info_ptr += blk->size; ++ info_ptr = read_n_bytes (info_ptr, info_ptr_end, blk); + attr->u.blk = blk; + break; + case DW_FORM_data1: +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,4 +1,14 @@ + 2018-02-28 Nick Clifton <nickc@redhat.com> ++ ++ PR 22895 ++ PR 22893 ++ * dwarf2.c (read_n_bytes): Replace size parameter with dwarf_block ++ pointer. Drop unused abfd parameter. Check the size of the block ++ before initialising the data field. Return the end pointer if the ++ size is invalid. ++ (read_attribute_value): Adjust invocations of read_n_bytes. ++ ++2018-02-28 Nick Clifton <nickc@redhat.com> + + PR 22894 + * dwarf1.c (parse_die): Check the length of form blocks before diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-7642.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-7642.patch new file mode 100644 index 0000000000..14b233e2c1 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-7642.patch @@ -0,0 +1,51 @@ +From 116acb2c268c89c89186673a7c92620d21825b25 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Wed, 28 Feb 2018 22:09:50 +1030 +Subject: [PATCH] PR22887, null pointer dereference in + aout_32_swap_std_reloc_out + + PR 22887 + * aoutx.h (swap_std_reloc_in): Correct r_index bound check. + +Upstream-Status: Backport +Affects: <= 2.30 +CVE: CVE-2018-7642 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 5 +++++ + bfd/aoutx.h | 6 ++++-- + 2 files changed, 9 insertions(+), 2 deletions(-) + +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,3 +1,8 @@ ++2018-02-28 Alan Modra <amodra@gmail.com> ++ ++ PR 22887 ++ * aoutx.h (swap_std_reloc_in): Correct r_index bound check. ++ + 2018-02-28 Nick Clifton <nickc@redhat.com> + + PR 22895 +Index: git/bfd/aoutx.h +=================================================================== +--- git.orig/bfd/aoutx.h ++++ git/bfd/aoutx.h +@@ -2211,10 +2211,12 @@ NAME (aout, swap_ext_reloc_in) (bfd *abf + || r_type == (unsigned int) RELOC_BASE22) + r_extern = 1; + +- if (r_extern && r_index > symcount) ++ if (r_extern && r_index >= symcount) + { + /* We could arrange to return an error, but it might be useful +- to see the file even if it is bad. */ ++ to see the file even if it is bad. FIXME: Of course this ++ means that objdump -r *doesn't* see the actual reloc, and ++ objcopy silently writes a different reloc. */ + r_extern = 0; + r_index = N_ABS; + } diff --git a/meta/recipes-devtools/make/make.inc b/meta/recipes-devtools/make/make.inc index 849b74299c..b8905bc6d3 100644 --- a/meta/recipes-devtools/make/make.inc +++ b/meta/recipes-devtools/make/make.inc @@ -5,7 +5,10 @@ called the makefile, which lists each of the non-source files and how to compute HOMEPAGE = "http://www.gnu.org/software/make/" SECTION = "devel" -SRC_URI = "${GNU_MIRROR}/make/make-${PV}.tar.bz2" +SRC_URI = "${GNU_MIRROR}/make/make-${PV}.tar.bz2 \ + file://0001-glob-Do-not-assume-glibc-glob-internals.patch \ + file://0002-glob-Do-not-assume-glibc-glob-internals.patch \ + " inherit autotools gettext pkgconfig texinfo diff --git a/meta/recipes-devtools/make/make/0001-glob-Do-not-assume-glibc-glob-internals.patch b/meta/recipes-devtools/make/make/0001-glob-Do-not-assume-glibc-glob-internals.patch new file mode 100644 index 0000000000..2b6e4d40c3 --- /dev/null +++ b/meta/recipes-devtools/make/make/0001-glob-Do-not-assume-glibc-glob-internals.patch @@ -0,0 +1,70 @@ +From c90a7dda6c572f79b8e78da44b6ebf8704edef65 Mon Sep 17 00:00:00 2001 +From: Paul Eggert <eggert@cs.ucla.edu> +Date: Sun, 24 Sep 2017 09:12:58 -0400 +Subject: [PATCH 1/2] glob: Do not assume glibc glob internals. + +It has been proposed that glibc glob start using gl_lstat, +which the API allows it to do. GNU 'make' should not get in +the way of this. See: +https://sourceware.org/ml/libc-alpha/2017-09/msg00409.html + +* dir.c (local_lstat): New function, like local_stat. +(dir_setup_glob): Use it to initialize gl_lstat too, as the API +requires. +--- +Upstream-Status: Backport +Signed-off-by: Khem Raj <raj.khem@gmail.com> + + dir.c | 29 +++++++++++++++++++++++++++-- + 1 file changed, 27 insertions(+), 2 deletions(-) + +diff --git a/dir.c b/dir.c +index f34bbf5..12eef30 100644 +--- a/dir.c ++++ b/dir.c +@@ -1299,15 +1299,40 @@ local_stat (const char *path, struct stat *buf) + } + #endif + ++/* Similarly for lstat. */ ++#if !defined(lstat) && !defined(WINDOWS32) || defined(VMS) ++# ifndef VMS ++# ifndef HAVE_SYS_STAT_H ++int lstat (const char *path, struct stat *sbuf); ++# endif ++# else ++ /* We are done with the fake lstat. Go back to the real lstat */ ++# ifdef lstat ++# undef lstat ++# endif ++# endif ++# define local_lstat lstat ++#elif defined(WINDOWS32) ++/* Windows doesn't support lstat(). */ ++# define local_lstat local_stat ++#else ++static int ++local_lstat (const char *path, struct stat *buf) ++{ ++ int e; ++ EINTRLOOP (e, lstat (path, buf)); ++ return e; ++} ++#endif ++ + void + dir_setup_glob (glob_t *gl) + { + gl->gl_opendir = open_dirstream; + gl->gl_readdir = read_dirstream; + gl->gl_closedir = free; ++ gl->gl_lstat = local_lstat; + gl->gl_stat = local_stat; +- /* We don't bother setting gl_lstat, since glob never calls it. +- The slot is only there for compatibility with 4.4 BSD. */ + } + + void +-- +2.16.1 + diff --git a/meta/recipes-devtools/make/make/0002-glob-Do-not-assume-glibc-glob-internals.patch b/meta/recipes-devtools/make/make/0002-glob-Do-not-assume-glibc-glob-internals.patch new file mode 100644 index 0000000000..d49acd9f6e --- /dev/null +++ b/meta/recipes-devtools/make/make/0002-glob-Do-not-assume-glibc-glob-internals.patch @@ -0,0 +1,38 @@ +From 9858702dbd1e137262c06765919937660879f63c Mon Sep 17 00:00:00 2001 +From: Paul Eggert <eggert@cs.ucla.edu> +Date: Sun, 24 Sep 2017 09:12:58 -0400 +Subject: [PATCH 2/2] glob: Do not assume glibc glob internals. + +It has been proposed that glibc glob start using gl_lstat, +which the API allows it to do. GNU 'make' should not get in +the way of this. See: +https://sourceware.org/ml/libc-alpha/2017-09/msg00409.html + +* dir.c (local_lstat): New function, like local_stat. +(dir_setup_glob): Use it to initialize gl_lstat too, as the API +requires. +--- +Upstream-Status: Backport + + configure.ac | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 64ec870..e87901c 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -399,10 +399,9 @@ AC_CACHE_CHECK([if system libc has GNU glob], [make_cv_sys_gnu_glob], + #include <glob.h> + #include <fnmatch.h> + +-#define GLOB_INTERFACE_VERSION 1 + #if !defined _LIBC && defined __GNU_LIBRARY__ && __GNU_LIBRARY__ > 1 + # include <gnu-versions.h> +-# if _GNU_GLOB_INTERFACE_VERSION == GLOB_INTERFACE_VERSION ++if _GNU_GLOB_INTERFACE_VERSION == 1 || _GNU_GLOB_INTERFACE_VERSION == 2 + gnu glob + # endif + #endif], +-- +2.16.1 + diff --git a/meta/recipes-devtools/patch/patch/0001-Fix-swapping-fake-lines-in-pch_swap.patch b/meta/recipes-devtools/patch/patch/0001-Fix-swapping-fake-lines-in-pch_swap.patch new file mode 100644 index 0000000000..049149eb9e --- /dev/null +++ b/meta/recipes-devtools/patch/patch/0001-Fix-swapping-fake-lines-in-pch_swap.patch @@ -0,0 +1,36 @@ +From 9c986353e420ead6e706262bf204d6e03322c300 Mon Sep 17 00:00:00 2001 +From: Andreas Gruenbacher <agruen@gnu.org> +Date: Fri, 17 Aug 2018 13:35:40 +0200 +Subject: [PATCH] Fix swapping fake lines in pch_swap + +* src/pch.c (pch_swap): Fix swapping p_bfake and p_efake when there is a +blank line in the middle of a context-diff hunk: that empty line stays +in the middle of the hunk and isn't swapped. + +Fixes: https://savannah.gnu.org/bugs/index.php?53133 +Signed-off-by: Andreas Gruenbacher <agruen@gnu.org> + +Upstream-Status: Backport [https://git.savannah.gnu.org/git/patch.git] +CVE: CVE-2018-6952 +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> + +--- + src/pch.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/pch.c b/src/pch.c +index e92bc64..a500ad9 100644 +--- a/src/pch.c ++++ b/src/pch.c +@@ -2122,7 +2122,7 @@ pch_swap (void) + } + if (p_efake >= 0) { /* fix non-freeable ptr range */ + if (p_efake <= i) +- n = p_end - i + 1; ++ n = p_end - p_ptrn_lines; + else + n = -i; + p_efake += n; +-- +2.10.2 + diff --git a/meta/recipes-devtools/patch/patch_2.7.6.bb b/meta/recipes-devtools/patch/patch_2.7.6.bb index 823486dd0a..85b0db7333 100644 --- a/meta/recipes-devtools/patch/patch_2.7.6.bb +++ b/meta/recipes-devtools/patch/patch_2.7.6.bb @@ -5,6 +5,7 @@ SRC_URI += "file://0001-Unset-need_charset_alias-when-building-for-musl.patch \ file://0002-Fix-segfault-with-mangled-rename-patch.patch \ file://0003-Allow-input-files-to-be-missing-for-ed-style-patches.patch \ file://0004-Fix-arbitrary-command-execution-in-ed-style-patches-.patch \ + file://0001-Fix-swapping-fake-lines-in-pch_swap.patch \ " SRC_URI[md5sum] = "4c68cee989d83c87b00a3860bcd05600" diff --git a/meta/recipes-devtools/perl/perl/0001-Skip-various-tests-if-PERL_BUILD_PACKAGING-is-set.patch b/meta/recipes-devtools/perl/perl/0001-Skip-various-tests-if-PERL_BUILD_PACKAGING-is-set.patch new file mode 100644 index 0000000000..c5db1b7060 --- /dev/null +++ b/meta/recipes-devtools/perl/perl/0001-Skip-various-tests-if-PERL_BUILD_PACKAGING-is-set.patch @@ -0,0 +1,126 @@ +From ba6733216202523a95b0b7ee2e534b8e30b6d7df Mon Sep 17 00:00:00 2001 +From: Dominic Hargreaves <dom@earth.li> +Date: Sat, 14 Oct 2017 16:27:53 +0200 +Subject: [PATCH] Skip various tests if PERL_BUILD_PACKAGING is set + +These are tests which tend not to be useful for downstream packagers + +t/porting/customized.t change originally from Todd Rinaldo + +Upstream-Status: Backport[https://perl5.git.perl.org/perl.git/ba6733216202523a95b0b7ee2e534b8e30b6d7df] + +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + INSTALL | 3 ++- + MANIFEST | 1 + + PACKAGING | 30 ++++++++++++++++++++++++++++++ + regen/lib_cleanup.pl | 5 +++++ + t/porting/customized.t | 1 + + t/test.pl | 3 +++ + 6 files changed, 42 insertions(+), 1 deletion(-) + create mode 100644 PACKAGING + +diff --git a/INSTALL b/INSTALL +index 636f4bd52f..1285fc69a2 100644 +--- a/INSTALL ++++ b/INSTALL +@@ -2714,4 +2714,5 @@ This document is part of the Perl package and may be distributed under + the same terms as perl itself, with the following additional request: + If you are distributing a modified version of perl (perhaps as part of + a larger package) please B<do> modify these installation instructions +-and the contact information to match your distribution. ++and the contact information to match your distribution. Additional ++information for packagers is in F<PACKAGING>. +diff --git a/MANIFEST b/MANIFEST +index b3207030a9..32de824ca1 100644 +--- a/MANIFEST ++++ b/MANIFEST +@@ -4932,6 +4932,7 @@ os2/perlrexx.c Support perl interpreter embedded in REXX + os2/perlrexx.cmd Test perl interpreter embedded in REXX + overload.h generated overload enum (public) + overload.inc generated overload name table (implementation) ++PACKAGING notes and best practice for packaging perl 5 + packsizetables.inc The generated packprops array used in pp_pack.c + pad.c Scratchpad functions + pad.h Scratchpad headers +diff --git a/PACKAGING b/PACKAGING +new file mode 100644 +index 0000000000..0c69b87ba6 +--- /dev/null ++++ b/PACKAGING +@@ -0,0 +1,30 @@ ++If you read this file _as_is_, just ignore the funny characters you ++see. It is written in the POD format (see pod/perlpod.pod) which is ++specifically designed to be readable as is. ++ ++=head1 NAME ++ ++PACKAGING - notes and best practice for packaging perl 5 ++ ++=head1 SYNOPSIS ++ ++This document is aimed at anyone who is producing their own version of ++perl for distribution to other users. It is intended as a collection ++of useful tips, advice and best practice, rather than being a complete ++packaging manual. The starting point for installing perl remains ++F<INSTALL>. ++ ++=head1 Customizing test running ++ ++A small number of porting tests (those in t/porting) are not well suited ++to typical distribution packaging scenarios. For example, they assume ++they are working in a git clone of the upstream Perl repository, or ++enforce rules which are not relevant to downstream packagers. These can ++be skipped by setting the environment variable PERL_BUILD_PACKAGING. ++A complete list of tests which this applied to can be found by searching ++the codebase for this string. ++ ++An alternative strategy would be to skip all porting tests, but many of ++them are useful if additional patches might be applied. ++ ++=cut +diff --git a/regen/lib_cleanup.pl b/regen/lib_cleanup.pl +index 5e40b405a4..6caf74a563 100644 +--- a/regen/lib_cleanup.pl ++++ b/regen/lib_cleanup.pl +@@ -164,6 +164,11 @@ if ($TAP && !-d '.git' && !-f 'lib/.gitignore') { + exit 0; + } + ++if ($ENV{'PERL_BUILD_PACKAGING'}) { ++ print "ok # skip explicitly disabled git tests by PERL_BUILD_PACKAGING\n"; ++ exit 0; ++} ++ + $fh = open_new('lib/.gitignore', '>', + { by => $0, + from => 'MANIFEST and parsing files in cpan/ dist/ and ext/'}); +diff --git a/t/porting/customized.t b/t/porting/customized.t +index 45fcafb100..5c3739198c 100644 +--- a/t/porting/customized.t ++++ b/t/porting/customized.t +@@ -13,6 +13,7 @@ BEGIN { + @INC = qw(lib Porting t); + require 'test.pl'; + skip_all("pre-computed SHA1 won't match under EBCDIC") if $::IS_EBCDIC; ++ skip_all("This distro may have modified some files in cpan/. Skipping validation.") if $ENV{'PERL_BUILD_PACKAGING'}; + } + + use strict; +diff --git a/t/test.pl b/t/test.pl +index 79e6e25e95..1782dcf73c 100644 +--- a/t/test.pl ++++ b/t/test.pl +@@ -212,6 +212,9 @@ sub find_git_or_skip { + } else { + $reason = 'not being run from a git checkout'; + } ++ if ($ENV{'PERL_BUILD_PACKAGING'}) { ++ $reason = 'PERL_BUILD_PACKAGING is set'; ++ } + skip_all($reason) if $_[0] && $_[0] eq 'all'; + skip($reason, @_); + } +-- +2.17.1 + diff --git a/meta/recipes-devtools/perl/perl/perl-test-customized.patch b/meta/recipes-devtools/perl/perl/perl-test-customized.patch deleted file mode 100644 index 90e4dcd5fb..0000000000 --- a/meta/recipes-devtools/perl/perl/perl-test-customized.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 64df09205b6ccb5a434a4e53e8e0a32377ab634f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?An=C3=ADbal=20Lim=C3=B3n?= <anibal.limon@linux.intel.com> -Date: Thu, 24 Nov 2016 10:49:55 -0600 -Subject: [PATCH] The OE core recipies customize some ExtUtils-MakeMaker - modules, which causes their MD5 sum to mismatch the provided table and the - corresponding tests to fail. Also, we patch several test files with a - backported patch. Update list of hashes to reflect the patched files. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Upstream-Status: Inappropriate [embedded specific] - -Signed-off-by: Bill Randle <william.c.randle@intel.com> -Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com> ---- - t/porting/customized.dat | 16 ++++++++-------- - 1 file changed, 8 insertions(+), 8 deletions(-) - -diff --git a/t/porting/customized.dat b/t/porting/customized.dat -index defeae1..b5d3c46 100644 ---- a/t/porting/customized.dat -+++ b/t/porting/customized.dat -@@ -18,12 +18,12 @@ Encode cpan/Encode/bin/unidump 715f47c2fcc661268f3c6cd3de0d27c72b745cd2 - Encode cpan/Encode/Encode.pm e146861ff2e6aaa62defa4887eade68dd7b17c8e - Encode cpan/Encode/encoding.pm 51c19efc9bfe8467d6ae12a4654f6e7f980715bf - ExtUtils::Constant cpan/ExtUtils-Constant/t/Constant.t a0369c919e216fb02767a637666bb4577ad79b02 --ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/bin/instmodsh 5bc04a0173b8b787f465271b6186220326ae8eef -+ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/bin/instmodsh 2070fe968fa344d89aea1bdc6a8dbb0c467d0612 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Command.pm e3a372e07392179711ea9972087c1105a2780fad - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Command/MM.pm b72721bd6aa9bf7ec328bda99a8fdb63cac6114d - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Liblist.pm 0e1e4c25eddb999fec6c4dc66593f76db34cfd16 --ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Liblist/Kid.pm bfd2aa00ca4ed251f342e1d1ad704abbaf5a615e --ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm 5529ae3064365eafd99536621305d52f4ab31b45 -+ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Liblist/Kid.pm d593d8fdc5c0ebcb6d3701c70fc6640c50d93455 -+ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker.pm bf9174c70a0e50ff2fee4552c7df89b37d292da1 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker/Config.pm bc88b275af73b8faac6abd59a9aad3f625925810 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker/FAQ.pod 062e5d14a803fbbec8d61803086a3d7997e8a473 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MakeMaker/Tutorial.pod a8a9cab7d67922ed3d6883c864e1fe29aaa6ad89 -@@ -33,7 +33,7 @@ ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Mkbootstrap.pm 412e95c3 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/Mksymlists.pm 8559ef191b4371d0c381472464856a8a73825b2a - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM.pm 09d579ed9daea95c3bf47de2e0b8fe3aa0ff6447 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_AIX.pm f720c13748293b792f7073aa96e7daecb590b183 --ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Any.pm 243649a399d293ae7ad0f26b7eab2668aa864ce8 -+ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Any.pm ec39f68802a6fee8daaa914fc7131f40533cfc23 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_BeOS.pm b63c90129303b2c17d084fb828aa2c02a2ad85b8 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Cygwin.pm cabd1c97eaa427067811d92807e34c17940c7350 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Darwin.pm 6a185d897a600c34615a6073f4de0ac2f54fef3e -@@ -42,7 +42,7 @@ ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_MacOS.pm 1f5eb772eed - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_NW5.pm de777d7809c0d73e5d4622a29921731c7e5dff48 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_OS2.pm 01e8f08a82b5304009574e3ac0892b4066ff7639 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_QNX.pm 5340052b58557a6764f5ac9f8b807fefec404a06 --ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm 3c3b93f431b0a51b9592b3d69624dbf5409f6f74 -+ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Unix.pm 0d6ed5e4bdcdcd28e968e8629a592fdd0cc84818 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_UWIN.pm 40397f4cd2d49700b80b4ef490da98add24c5b37 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_VMS.pm 147e97fbabb74841f0733dbd5d1b9f3fa51f87c1 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_VOS.pm 3f13ed7045ff3443bcb4dd6c95c98b9bd705820f -@@ -51,7 +51,7 @@ ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MM_Win95.pm 48e8a2fe176 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/MY.pm 6fefe99045b64459905d4721f3a494d8d50f7ab9 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/lib/ExtUtils/testlib.pm 172778ad21c065a89cd270668eb9f99a7364b41c - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/t/cd.t 0a71fbd646a7be8358b07b6f64f838243cc0aef4 --ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/t/echo.t 37aec8f794c52e037540757eb5b2556f79419ff7 -+ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/t/echo.t 1a93dd8834e4bb0e5facf08204e782807567b2eb - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/t/lib/MakeMaker/Test/NoXS.pm 371cdff1b2375017907cfbc9c8f4a31f5ad10582 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/t/prereq.t 53bda2c549fd13a6b6c13a070ca6bc79883081c0 - ExtUtils::MakeMaker cpan/ExtUtils-MakeMaker/t/vstrings.t 90035a2bdbf45f15b9c3196d072d7cba7e662871 -@@ -165,7 +165,7 @@ bignum cpan/bignum/lib/bigrat.pm 7fccc9df30e43dbbae6e5ea91b26c8046545c9a9 - bignum cpan/bignum/lib/Math/BigFloat/Trace.pm a6b4b995e18f4083252e6dc72e9bef69671893dd - bignum cpan/bignum/lib/Math/BigInt/Trace.pm d9596963673760cae3eeeb752c1eeeec50bb2290 - libnet cpan/libnet/lib/Net/Cmd.pm a44a10c939a4c35f923c4638054178c32f1d283a --libnet cpan/libnet/lib/Net/Config.pm 9bd49bf4de0dc438bceee0ef4baf8ba7a6633327 -+libnet cpan/libnet/lib/Net/Config.pm 2873da5efbffed67934dd297ef6f360b3558cb0b - libnet cpan/libnet/lib/Net/Domain.pm 1bbed50f70fd1ff3e1cdf087b19a9349cddfaced - libnet cpan/libnet/lib/Net/FTP.pm 40dba553c8d44e1530daec2d07a6e50910401f2e - libnet cpan/libnet/lib/Net/FTP/A.pm c570b10730b168990034dcf9cb00e305a100f336 -@@ -176,6 +176,6 @@ libnet cpan/libnet/lib/Net/FTP/L.pm ac1599c775faee0474710e4f75051c8949f13df2 - libnet cpan/libnet/lib/Net/Netrc.pm 009cfc08f8a5bf247257acb64a21e1b6ad8b2c9c - libnet cpan/libnet/lib/Net/NNTP.pm 6325fc05fd9ef81dc8d461a77b2a3f56ad1ae114 - libnet cpan/libnet/lib/Net/POP3.pm 2d8065646df80061dae5a9e3465a36a6557165fd --libnet cpan/libnet/lib/Net/SMTP.pm f3ed7a177b49ee0ba65ac1c414de797cdbbe6886 -+libnet cpan/libnet/lib/Net/SMTP.pm f1beb42bfbef4333ed24ad63d5dd1aa5c67b20c7 - libnet cpan/libnet/lib/Net/Time.pm b3df8bbaa3bc253fbf77e8386c59a1b2aae13627 - version cpan/version/lib/version.pm ff75e2076be10bd4c05133cd979fda0b38ca8653 --- -2.1.4 - diff --git a/meta/recipes-devtools/perl/perl/run-ptest b/meta/recipes-devtools/perl/perl/run-ptest index 1e2dd1b66d..dad4d42916 100644 --- a/meta/recipes-devtools/perl/perl/run-ptest +++ b/meta/recipes-devtools/perl/perl/run-ptest @@ -1,2 +1,2 @@ #!/bin/sh -cd t && ./TEST | sed -u -e 's|\(.*\) .* ok$|PASS: \1|' -e 's|\(.*\) .* skipped|SKIP: \1|' -e 's|\(.*\) \.\(.*\)|FAIL: \1|' +cd t && PERL_BUILD_PACKAGING=1 ./TEST | sed -u -e 's|\(.*\) .* ok$|PASS: \1|' -e 's|\(.*\) .* skipped|SKIP: \1|' -e 's|\(.*\) \.\(.*\)|FAIL: \1|' diff --git a/meta/recipes-devtools/perl/perl_5.24.1.bb b/meta/recipes-devtools/perl/perl_5.24.1.bb index ac78dda4fe..1a9b8d1c3e 100644 --- a/meta/recipes-devtools/perl/perl_5.24.1.bb +++ b/meta/recipes-devtools/perl/perl_5.24.1.bb @@ -64,7 +64,6 @@ SRC_URI += " \ file://perl-PathTools-don-t-filter-out-blib-from-INC.patch \ file://perl-errno-generation-gcc5.patch \ file://perl-fix-conflict-between-skip_all-and-END.patch \ - file://perl-test-customized.patch \ file://perl-5.26.1-guard_old_libcrypt_fix.patch \ file://CVE-2017-12883.patch \ file://CVE-2017-12837.patch \ @@ -74,6 +73,7 @@ SRC_URI += " \ SRC_URI_append_class-target = " \ file://test/dist-threads-t-join.t-adjust-ps-option.patch \ file://test/ext-DynaLoader-t-DynaLoader.t-fix-calling-dl_findfil.patch \ + file://0001-Skip-various-tests-if-PERL_BUILD_PACKAGING-is-set.patch \ " SRC_URI[md5sum] = "af6a84c7c3e2b8b269c105a5db2f6d53" diff --git a/meta/recipes-devtools/python/python-3.5-manifest.inc b/meta/recipes-devtools/python/python-3.5-manifest.inc index 0260e87e75..710b22eaa3 100644 --- a/meta/recipes-devtools/python/python-3.5-manifest.inc +++ b/meta/recipes-devtools/python/python-3.5-manifest.inc @@ -194,7 +194,7 @@ FILES_${PN}-readline="${libdir}/python3.5/lib-dynload/readline.*.so ${libdir}/py SUMMARY_${PN}-reprlib="Python alternate repr() implementation" RDEPENDS_${PN}-reprlib="${PN}-core" -FILES_${PN}-reprlib="${libdir}/python3.5/reprlib.py ${libdir}/python3.5/__pycache__/reprlib.py " +FILES_${PN}-reprlib="${libdir}/python3.5/reprlib.* ${libdir}/python3.5/__pycache__/reprlib.* " SUMMARY_${PN}-resource="Python resource control interface" RDEPENDS_${PN}-resource="${PN}-core" diff --git a/meta/recipes-devtools/python/python-native_2.7.13.bb b/meta/recipes-devtools/python/python-native_2.7.14.bb index 7edf153489..5373ce6690 100644 --- a/meta/recipes-devtools/python/python-native_2.7.13.bb +++ b/meta/recipes-devtools/python/python-native_2.7.14.bb @@ -1,7 +1,7 @@ require python.inc EXTRANATIVEPATH += "bzip2-native" -DEPENDS = "openssl-native bzip2-replacement-native zlib-native readline-native sqlite3-native expat-native" +DEPENDS = "openssl-native bzip2-replacement-native zlib-native readline-native sqlite3-native expat-native gdbm-native db-native" PR = "${INC_PR}.1" SRC_URI += "\ @@ -17,6 +17,7 @@ SRC_URI += "\ file://builddir.patch \ file://parallel-makeinst-create-bindir.patch \ file://revert_use_of_sysconfigdata.patch \ + file://fix-gc-alignment.patch \ " S = "${WORKDIR}/Python-${PV}" @@ -39,6 +40,12 @@ do_configure_append() { autoreconf --verbose --install --force --exclude=autopoint ../Python-${PV}/Modules/_ctypes/libffi } +# Regenerate all of the generated files +# This ensures that pgen and friends get created during the compile phase +do_compile_prepend() { + oe_runmake regen-all +} + do_install() { oe_runmake 'DESTDIR=${D}' install install -d ${D}${bindir}/${PN} diff --git a/meta/recipes-devtools/python/python.inc b/meta/recipes-devtools/python/python.inc index b40f551ab3..979b601bf1 100644 --- a/meta/recipes-devtools/python/python.inc +++ b/meta/recipes-devtools/python/python.inc @@ -5,12 +5,12 @@ SECTION = "devel/python" # bump this on every change in contrib/python/generate-manifest-2.7.py INC_PR = "r1" -LIC_FILES_CHKSUM = "file://LICENSE;md5=6b60258130e4ed10d3101517eb5b9385" +LIC_FILES_CHKSUM = "file://LICENSE;md5=f741e51de91d4eeea5930b9c3c7fa69d" SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz" -SRC_URI[md5sum] = "53b43534153bb2a0363f08bae8b9d990" -SRC_URI[sha256sum] = "35d543986882f78261f97787fd3e06274bfa6df29fac9b4a94f73930ff98f731" +SRC_URI[md5sum] = "1f6db41ad91d9eb0a6f0c769b8613c5b" +SRC_URI[sha256sum] = "71ffb26e09e78650e424929b2b457b9c912ac216576e6bd9e7d204ed03296a66" # python recipe is actually python 2.x # also, exclude pre-releases for both python 2.x and 3.x diff --git a/meta/recipes-devtools/python/python/01-use-proper-tools-for-cross-build.patch b/meta/recipes-devtools/python/python/01-use-proper-tools-for-cross-build.patch index 366ce3e400..e795a74b91 100644 --- a/meta/recipes-devtools/python/python/01-use-proper-tools-for-cross-build.patch +++ b/meta/recipes-devtools/python/python/01-use-proper-tools-for-cross-build.patch @@ -9,6 +9,9 @@ Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Rebased for python-2.7.9 Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com> +Rebased for python-2.7.14 +Signed-off-by: Derek Straka <derek@asterius.io> + Index: Python-2.7.13/Makefile.pre.in =================================================================== --- Python-2.7.13.orig/Makefile.pre.in @@ -30,14 +33,14 @@ Index: Python-2.7.13/Makefile.pre.in # Create build directory and generate the sysconfig build-time data there. # pybuilddir.txt contains the name of the build dir and is used for -@@ -681,7 +682,7 @@ Modules/pwdmodule.o: $(srcdir)/Modules/p - - $(GRAMMAR_H): @GENERATED_COMMENT@ $(GRAMMAR_INPUT) $(PGEN) +@@ -663,7 +663,7 @@ + # Regenerate Include/graminit.h and Python/graminit.c + # from Grammar/Grammar using pgen @$(MKDIR_P) Include -- $(PGEN) $(GRAMMAR_INPUT) $(GRAMMAR_H) $(GRAMMAR_C) -+ $(HOSTPGEN) $(GRAMMAR_INPUT) $(GRAMMAR_H) $(GRAMMAR_C) - $(GRAMMAR_C): @GENERATED_COMMENT@ $(GRAMMAR_H) - touch $(GRAMMAR_C) +- $(PGEN) $(srcdir)/Grammar/Grammar \ ++ $(HOSTPGEN) $(srcdir)/Grammar/Grammar \ + $(srcdir)/Include/graminit.h \ + $(srcdir)/Python/graminit.c @@ -1121,27 +1122,27 @@ libinstall: build_all $(srcdir)/Lib/$(PL $(DESTDIR)$(LIBDEST)/distutils/tests ; \ diff --git a/meta/recipes-devtools/python/python/Don-t-use-getentropy-on-Linux.patch b/meta/recipes-devtools/python/python/Don-t-use-getentropy-on-Linux.patch deleted file mode 100644 index 38e53778dc..0000000000 --- a/meta/recipes-devtools/python/python/Don-t-use-getentropy-on-Linux.patch +++ /dev/null @@ -1,41 +0,0 @@ -Upstream-Status: Backport - -Signed-off-by: Andreas Oberritter <obi@opendreambox.org> - -From 905d1b30ac7cb0e31c57cec0533825c8f170b942 Mon Sep 17 00:00:00 2001 -From: Victor Stinner <victor.stinner@gmail.com> -Date: Mon, 9 Jan 2017 11:10:41 +0100 -Subject: [PATCH] Don't use getentropy() on Linux - -Issue #29188: Support glibc 2.24 on Linux: don't use getentropy() function but -read from /dev/urandom to get random bytes, for example in os.urandom(). On -Linux, getentropy() is implemented which getrandom() is blocking mode, whereas -os.urandom() should not block. - -(cherry picked from commit 2687486756721e39164fa9f597e468c35d495227) ---- - Python/random.c | 11 +++++++++-- - 1 file changed, 9 insertions(+), 2 deletions(-) - -diff --git a/Python/random.c b/Python/random.c -index b4bc1f3..f3f5d14 100644 ---- a/Python/random.c -+++ b/Python/random.c -@@ -94,8 +94,15 @@ win32_urandom(unsigned char *buffer, Py_ssize_t size, int raise) - } - - /* Issue #25003: Don't use getentropy() on Solaris (available since -- * Solaris 11.3), it is blocking whereas os.urandom() should not block. */ --#elif defined(HAVE_GETENTROPY) && !defined(sun) -+ Solaris 11.3), it is blocking whereas os.urandom() should not block. -+ -+ Issue #29188: Don't use getentropy() on Linux since the glibc 2.24 -+ implements it with the getrandom() syscall which can fail with ENOSYS, -+ and this error is not supported in py_getentropy() and getrandom() is called -+ with flags=0 which blocks until system urandom is initialized, which is not -+ the desired behaviour to seed the Python hash secret nor for os.urandom(): -+ see the PEP 524 which was only implemented in Python 3.6. */ -+#elif defined(HAVE_GETENTROPY) && !defined(sun) && !defined(linux) - #define PY_GETENTROPY 1 - - /* Fill buffer with size pseudo-random bytes generated by getentropy(). diff --git a/meta/recipes-devtools/python/python/fix-gc-alignment.patch b/meta/recipes-devtools/python/python/fix-gc-alignment.patch new file mode 100644 index 0000000000..b63cd08747 --- /dev/null +++ b/meta/recipes-devtools/python/python/fix-gc-alignment.patch @@ -0,0 +1,43 @@ +Upstream-Status: Submitted +Signed-off-by: Ross Burton <ross.burton@intel.com> + +Fix for over-aligned GC info +Patch by Florian Weimer + +See: https://bugzilla.redhat.com/show_bug.cgi?id=1540316 +Upstream discussion: https://mail.python.org/pipermail/python-dev/2018-January/152000.html + +diff --git a/Include/objimpl.h b/Include/objimpl.h +index 55e83eced6..aa906144dc 100644 +--- a/Include/objimpl.h ++++ b/Include/objimpl.h +@@ -248,6 +248,18 @@ PyAPI_FUNC(PyVarObject *) _PyObject_GC_Resize(PyVarObject *, Py_ssize_t); + /* for source compatibility with 2.2 */ + #define _PyObject_GC_Del PyObject_GC_Del + ++/* Former over-aligned definition of PyGC_Head, used to compute the ++ size of the padding for the new version below. */ ++union _gc_head; ++union _gc_head_old { ++ struct { ++ union _gc_head *gc_next; ++ union _gc_head *gc_prev; ++ Py_ssize_t gc_refs; ++ } gc; ++ long double dummy; ++}; ++ + /* GC information is stored BEFORE the object structure. */ + typedef union _gc_head { + struct { +@@ -255,7 +267,8 @@ typedef union _gc_head { + union _gc_head *gc_prev; + Py_ssize_t gc_refs; + } gc; +- long double dummy; /* force worst-case alignment */ ++ double dummy; /* force worst-case alignment */ ++ char dummy_padding[sizeof(union _gc_head_old)]; + } PyGC_Head; + + extern PyGC_Head *_PyGC_generation0; +
\ No newline at end of file diff --git a/meta/recipes-devtools/python/python/fix-makefile-for-ptest.patch b/meta/recipes-devtools/python/python/fix-makefile-for-ptest.patch index 669112dab0..90dcd57c04 100644 --- a/meta/recipes-devtools/python/python/fix-makefile-for-ptest.patch +++ b/meta/recipes-devtools/python/python/fix-makefile-for-ptest.patch @@ -15,7 +15,7 @@ diff -ruN a/Makefile.pre.in b/Makefile.pre.in +TESTOPTS= -l -v $(EXTRATESTOPTS) TESTPROG= $(srcdir)/Lib/test/regrtest.py -TESTPYTHON= $(RUNSHARED) ./$(BUILDPYTHON) -Wd -3 -E -tt $(TESTPYTHONOPTS) --test: all platform +-test: @DEF_MAKE_RULE@ platform - -find $(srcdir)/Lib -name '*.py[co]' -print | xargs rm -f +TESTPYTHON= $(RUNSHARED) $(BUILDPYTHON) -Wd -3 -E -tt $(TESTPYTHONOPTS) +test: build-test @@ -26,8 +26,8 @@ diff -ruN a/Makefile.pre.in b/Makefile.pre.in -$(TESTPYTHON) $(TESTPROG) $(TESTOPTS) $(TESTPYTHON) $(TESTPROG) $(TESTOPTS) -+build-test: all platform ++build-test: @DEF_MAKE_RULE@ platform + - testall: all platform + testall: @DEF_MAKE_RULE@ platform -find $(srcdir)/Lib -name '*.py[co]' -print | xargs rm -f $(TESTPYTHON) $(srcdir)/Lib/compileall.py diff --git a/meta/recipes-devtools/python/python/parallel-makeinst-create-bindir.patch b/meta/recipes-devtools/python/python/parallel-makeinst-create-bindir.patch index 951cb466ff..abab41e957 100644 --- a/meta/recipes-devtools/python/python/parallel-makeinst-create-bindir.patch +++ b/meta/recipes-devtools/python/python/parallel-makeinst-create-bindir.patch @@ -8,12 +8,12 @@ Upstream-Status: Pending --- Python-2.7.3.orig/Makefile.pre.in +++ Python-2.7.3/Makefile.pre.in -@@ -1008,7 +1008,7 @@ LIBPL= $(LIBP)/config +@@ -1187,7 +1187,7 @@ LIBPC= $(LIBDIR)/pkgconfig - - libainstall: all python-config + + libainstall: @DEF_MAKE_RULE@ python-config - @for i in $(LIBDIR) $(LIBP) $(LIBPL) $(LIBPC); \ + @for i in $(LIBDIR) $(LIBP) $(LIBPL) $(LIBPC) $(BINDIR); \ - do \ - if test ! -d $(DESTDIR)$$i; then \ - echo "Creating directory $$i"; \ + do \ + if test ! -d $(DESTDIR)$$i; then \ + echo "Creating directory $$i"; \ diff --git a/meta/recipes-devtools/python/python_2.7.13.bb b/meta/recipes-devtools/python/python_2.7.14.bb index 754c029097..35b6324970 100644 --- a/meta/recipes-devtools/python/python_2.7.13.bb +++ b/meta/recipes-devtools/python/python_2.7.14.bb @@ -26,9 +26,9 @@ SRC_URI += "\ file://parallel-makeinst-create-bindir.patch \ file://use_sysroot_ncurses_instead_of_host.patch \ file://add-CROSSPYTHONPATH-for-PYTHON_FOR_BUILD.patch \ - file://Don-t-use-getentropy-on-Linux.patch \ file://pass-missing-libraries-to-Extension-for-mul.patch \ file://support_SOURCE_DATE_EPOCH_in_py_compile_2.7.patch \ + file://fix-gc-alignment.patch \ " S = "${WORKDIR}/Python-${PV}" diff --git a/meta/recipes-devtools/valgrind/valgrind/0001-fix-opcode-not-supported-on-mips32-linux.patch b/meta/recipes-devtools/valgrind/valgrind/0001-fix-opcode-not-supported-on-mips32-linux.patch new file mode 100644 index 0000000000..39b624d9f6 --- /dev/null +++ b/meta/recipes-devtools/valgrind/valgrind/0001-fix-opcode-not-supported-on-mips32-linux.patch @@ -0,0 +1,82 @@ +From fb5362f205b37c5060fcd764a7ed393abe4f2f3d Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Fri, 27 Jul 2018 17:39:37 +0800 +Subject: [PATCH 1/2] fix opcode not supported on mips32-linux + +While build tests(`make check') on mips32-linux, there are +serial failures such as: +[snip] +| mips-wrsmllib32-linux-gcc -meb -mabi=32 -mhard-float -c +-o atomic_incs-atomic_incs.o `test -f 'atomic_incs.c' || echo +'../../../valgrind-3.13.0/memcheck/tests/'`atomic_incs.c +| /tmp/ccqrmINN.s: Assembler messages: +| /tmp/ccqrmINN.s:247: Error: opcode not supported on this +processor: mips1 (mips1) `ll $t3,0($t1)' +| /tmp/ccqrmINN.s:249: Error: opcode not supported on this +processor: mips1 (mips1) `sc $t3,0($t1)' +[snip] + +Since the following commit applied, it defines CLFAGS for mips32, +but missed to pass them to tests which caused the above failure +... +3e344c57f Merge in a port for mips32-linux +... + +Upstream-Status: Submitted [https://bugs.kde.org/show_bug.cgi?id=396905] +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + helgrind/tests/Makefile.am | 5 +++++ + memcheck/tests/Makefile.am | 5 +++++ + none/tests/mips32/Makefile.am | 4 ++++ + 3 files changed, 14 insertions(+) + +diff --git a/helgrind/tests/Makefile.am b/helgrind/tests/Makefile.am +index ad1af191a..6209d35a7 100644 +--- a/helgrind/tests/Makefile.am ++++ b/helgrind/tests/Makefile.am +@@ -214,6 +214,11 @@ check_PROGRAMS += annotate_rwlock + endif + + AM_CFLAGS += $(AM_FLAG_M3264_PRI) ++ ++if VGCONF_PLATFORMS_INCLUDE_MIPS32_LINUX ++AM_CFLAGS += $(AM_CFLAGS_MIPS32_LINUX) ++endif ++ + AM_CXXFLAGS += $(AM_FLAG_M3264_PRI) + + LDADD = -lpthread +diff --git a/memcheck/tests/Makefile.am b/memcheck/tests/Makefile.am +index 84e49405f..aff861a32 100644 +--- a/memcheck/tests/Makefile.am ++++ b/memcheck/tests/Makefile.am +@@ -443,6 +443,11 @@ check_PROGRAMS += reach_thread_register + endif + + AM_CFLAGS += $(AM_FLAG_M3264_PRI) ++ ++if VGCONF_PLATFORMS_INCLUDE_MIPS32_LINUX ++AM_CFLAGS += $(AM_CFLAGS_MIPS32_LINUX) ++endif ++ + AM_CXXFLAGS += $(AM_FLAG_M3264_PRI) + + if VGCONF_PLATFORMS_INCLUDE_ARM_LINUX +diff --git a/none/tests/mips32/Makefile.am b/none/tests/mips32/Makefile.am +index d11591d45..602cd26f6 100644 +--- a/none/tests/mips32/Makefile.am ++++ b/none/tests/mips32/Makefile.am +@@ -99,6 +99,10 @@ check_PROGRAMS = \ + round_fpu64 \ + fpu_branches + ++if VGCONF_PLATFORMS_INCLUDE_MIPS32_LINUX ++AM_CFLAGS += $(AM_CFLAGS_MIPS32_LINUX) ++endif ++ + AM_CFLAGS += @FLAG_M32@ + AM_CXXFLAGS += @FLAG_M32@ + AM_CCASFLAGS += @FLAG_M32@ +-- +2.17.1 + diff --git a/meta/recipes-devtools/valgrind/valgrind/0002-fix-broken-inline-asm-in-tests-on-mips32-linux.patch b/meta/recipes-devtools/valgrind/valgrind/0002-fix-broken-inline-asm-in-tests-on-mips32-linux.patch new file mode 100644 index 0000000000..6df295f8a2 --- /dev/null +++ b/meta/recipes-devtools/valgrind/valgrind/0002-fix-broken-inline-asm-in-tests-on-mips32-linux.patch @@ -0,0 +1,47 @@ +From 63ce36396348e7c4c021cffa652d2e3d20f7963a Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Fri, 27 Jul 2018 17:51:54 +0800 +Subject: [PATCH 2/2] fix broken inline asm in tests on mips32-linux + +While build tests(`make check') with gcc 8.1.0 on mips32-linux, +there is a failure +[snip] +|mips-wrsmllib32-linux-gcc -meb -mabi=32 -mhard-float -march=mips32 +-c -o tc08_hbl2-tc08_hbl2.o `test -f 'tc08_hbl2.c' || echo '../../../ +valgrind-3.13.0/helgrind/tests/'`tc08_hbl2.c +|/tmp/cc37aJxQ.s: Assembler messages: +|/tmp/cc37aJxQ.s:275: Error: symbol `L1xyzzy1main' is already defined +|Makefile:1323: recipe for target 'tc08_hbl2-tc08_hbl2.o' failed +[snip] + +Remove the duplicated L1xyzzy1main, and use local symbol to replace. +http://tigcc.ticalc.org/doc/gnuasm.html#SEC46 + +Upstream-Status: Submitted [https://bugs.kde.org/show_bug.cgi?id=396906] +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + helgrind/tests/tc08_hbl2.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/helgrind/tests/tc08_hbl2.c b/helgrind/tests/tc08_hbl2.c +index 2a757a008..f660d82dd 100644 +--- a/helgrind/tests/tc08_hbl2.c ++++ b/helgrind/tests/tc08_hbl2.c +@@ -121,12 +121,12 @@ + #elif defined(PLAT_mips32_linux) || defined(PLAT_mips64_linux) + # define INC(_lval,_lqual) \ + __asm__ __volatile__ ( \ +- "L1xyzzy1" _lqual":\n" \ ++ "1:\n" \ + " move $t0, %0\n" \ + " ll $t1, 0($t0)\n" \ + " addiu $t1, $t1, 1\n" \ + " sc $t1, 0($t0)\n" \ +- " beqz $t1, L1xyzzy1" _lqual \ ++ " beqz $t1, 1b\n" \ + : /*out*/ : /*in*/ "r"(&(_lval)) \ + : /*trash*/ "t0", "t1", "memory" \ + ) +-- +2.17.1 + diff --git a/meta/recipes-devtools/valgrind/valgrind/0002-remove-rpath.patch b/meta/recipes-devtools/valgrind/valgrind/0002-remove-rpath.patch deleted file mode 100644 index e9112da0cb..0000000000 --- a/meta/recipes-devtools/valgrind/valgrind/0002-remove-rpath.patch +++ /dev/null @@ -1,35 +0,0 @@ -From f96cf1f4eaa72860ab8b5e18ad10fdc704d78c5f Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin <alex.kanavin@gmail.com> -Date: Tue, 15 Dec 2015 15:01:34 +0200 -Subject: [PATCH 2/5] remove rpath - -Upstream-Status: Inappropriate [embedded config] -Signed-off-by: Saul Wold <sgw@linux.intel.com> ---- - none/tests/Makefile.am | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/none/tests/Makefile.am b/none/tests/Makefile.am -index 54f2a7e..25b0f49 100644 ---- a/none/tests/Makefile.am -+++ b/none/tests/Makefile.am -@@ -326,7 +326,6 @@ threadederrno_CFLAGS += --std=c99 - endif - tls_SOURCES = tls.c tls2.c - tls_DEPENDENCIES = tls.so tls2.so --tls_LDFLAGS = -Wl,-rpath,$(abs_top_builddir)/none/tests - tls_LDADD = tls.so tls2.so -lpthread - tls_so_SOURCES = tls_so.c - tls_so_DEPENDENCIES = tls2.so -@@ -334,7 +333,7 @@ if VGCONF_OS_IS_DARWIN - tls_so_LDFLAGS = -dynamic -dynamiclib -all_load -fpic - tls_so_LDADD = `pwd`/tls2.so - else -- tls_so_LDFLAGS = -Wl,-rpath,$(abs_top_builddir)/none/tests -shared -fPIC -+ tls_so_LDFLAGS = -shared -fPIC - tls_so_LDADD = tls2.so - endif - tls_so_CFLAGS = $(AM_CFLAGS) -fPIC --- -2.6.2 - diff --git a/meta/recipes-devtools/valgrind/valgrind/mask-CPUID-support-in-HWCAP-on-aarch64.patch b/meta/recipes-devtools/valgrind/valgrind/mask-CPUID-support-in-HWCAP-on-aarch64.patch new file mode 100644 index 0000000000..89a95b82fe --- /dev/null +++ b/meta/recipes-devtools/valgrind/valgrind/mask-CPUID-support-in-HWCAP-on-aarch64.patch @@ -0,0 +1,36 @@ +Fix runtime Valgrind failure + +This patch is derived from +https://bugzilla.redhat.com/show_bug.cgi?id=1464211 + +At runtime it will fails like this: + +ARM64 front end: branch_etc +disInstr(arm64): unhandled instruction 0xD5380001 +disInstr(arm64): 1101'0101 0011'1000 0000'0000 0000'0001 ==2082== +valgrind: Unrecognised instruction at address 0x4014e64. + +This patch is a workaround by masking all HWCAP + +Upstream-Status: Pending + +Signed-off-by: Manjukumar Matha <manjukumar.harthikote-matha@xilinx.com> + +Index: valgrind-3.13.0/coregrind/m_initimg/initimg-linux.c +=================================================================== + +--- valgrind-3.13.0.orig/coregrind/m_initimg/initimg-linux.c 2018-03-04 22:22:17.698572675 -0800 ++++ valgrind-3.13.0/coregrind/m_initimg/initimg-linux.c 2018-03-04 22:23:25.727815624 -0800 +@@ -703,6 +703,12 @@ + (and anything above) are not supported by Valgrind. */ + auxv->u.a_val &= VKI_HWCAP_S390_TE - 1; + } ++# elif defined(VGP_arm64_linux) ++ { ++ /* Linux 4.11 started populating this for arm64, but we ++ currently don't support any. */ ++ auxv->u.a_val = 0; ++ } + # endif + break; + # if defined(VGP_ppc64be_linux) || defined(VGP_ppc64le_linux) diff --git a/meta/recipes-devtools/valgrind/valgrind/ppc-headers.patch b/meta/recipes-devtools/valgrind/valgrind/ppc-headers.patch index 51259db001..4b531b42ea 100644 --- a/meta/recipes-devtools/valgrind/valgrind/ppc-headers.patch +++ b/meta/recipes-devtools/valgrind/valgrind/ppc-headers.patch @@ -12,6 +12,11 @@ The #ifdef HAS_VSX guard is wrongly placed. It makes the standard include headers not be used. Causing a build failure. Fix by moving the #ifdef HAS_VSX after the standard includes. +[v2 changes] +- Add #ifdef HAS_VSX guard correctly for ppc64 test_isa_2_06_partx.c + test cases. The changes are similar to what was done for ppc32. + +Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> Index: none/tests/ppc32/test_isa_2_06_part3.c =================================================================== --- a/none/tests/ppc32/test_isa_2_06_part3.c (revision 16449) @@ -85,3 +90,76 @@ Index: none/tests/ppc32/test_isa_2_06_part2.c #ifndef __powerpc64__ typedef uint32_t HWord_t; #else +Index: none/tests/ppc64/test_isa_2_06_part3.c +=================================================================== +--- a/none/tests/ppc64/test_isa_2_06_part3.c (revision 16449) ++++ b/none/tests/ppc64/test_isa_2_06_part3.c (revision 16450) +@@ -20,17 +20,18 @@ + The GNU General Public License is contained in the file COPYING. + */ + +-#ifdef HAS_VSX +- + #include <stdio.h> + #include <stdint.h> + #include <stdlib.h> + #include <string.h> + #include <malloc.h> +-#include <altivec.h> + #include <math.h> + #include <unistd.h> // getopt + ++#ifdef HAS_VSX ++ ++#include <altivec.h> ++ + #ifndef __powerpc64__ + typedef uint32_t HWord_t; + #else +Index: none/tests/ppc64/test_isa_2_06_part1.c +=================================================================== +--- a/none/tests/ppc64/test_isa_2_06_part1.c (revision 16449) ++++ b/none/tests/ppc64/test_isa_2_06_part1.c (revision 16450) +@@ -20,13 +20,14 @@ + The GNU General Public License is contained in the file COPYING. + */ + +-#ifdef HAS_VSX +- + #include <stdio.h> + #include <stdint.h> + #include <stdlib.h> + #include <string.h> + #include <malloc.h> ++ ++#ifdef HAS_VSX ++ + #include <altivec.h> + + #ifndef __powerpc64__ +Index: none/tests/ppc64/test_isa_2_06_part2.c +=================================================================== +--- a/none/tests/ppc64/test_isa_2_06_part2.c (revision 16449) ++++ b/none/tests/ppc64/test_isa_2_06_part2.c (revision 16450) +@@ -20,17 +20,18 @@ + The GNU General Public License is contained in the file COPYING. + */ + +-#ifdef HAS_VSX +- + #include <stdio.h> + #include <stdint.h> + #include <stdlib.h> + #include <string.h> + #include <malloc.h> +-#include <altivec.h> + #include <math.h> + #include <unistd.h> // getopt + ++#ifdef HAS_VSX ++ ++#include <altivec.h> ++ + #ifndef __powerpc64__ + typedef uint32_t HWord_t; + #else diff --git a/meta/recipes-devtools/valgrind/valgrind_3.13.0.bb b/meta/recipes-devtools/valgrind/valgrind_3.13.0.bb index bf3cfd7f36..39ec6f5cc8 100644 --- a/meta/recipes-devtools/valgrind/valgrind_3.13.0.bb +++ b/meta/recipes-devtools/valgrind/valgrind_3.13.0.bb @@ -16,7 +16,6 @@ SRC_URI = "ftp://sourceware.org/pub/valgrind/valgrind-${PV}.tar.bz2 \ file://fixed-perl-path.patch \ file://Added-support-for-PPC-instructions-mfatbu-mfatbl.patch \ file://run-ptest \ - file://0002-remove-rpath.patch \ file://0004-Fix-out-of-tree-builds.patch \ file://0005-Modify-vg_test-wrapper-to-support-PTEST-formats.patch \ file://0001-Remove-tests-that-fail-to-build-on-some-PPC32-config.patch \ @@ -37,6 +36,9 @@ SRC_URI = "ftp://sourceware.org/pub/valgrind/valgrind-${PV}.tar.bz2 \ file://0003-tests-seg_override-Replace-__modify_ldt-with-syscall.patch \ file://link-gz-tests.patch \ file://ppc-headers.patch \ + file://mask-CPUID-support-in-HWCAP-on-aarch64.patch \ + file://0001-fix-opcode-not-supported-on-mips32-linux.patch \ + file://0002-fix-broken-inline-asm-in-tests-on-mips32-linux.patch \ " SRC_URI[md5sum] = "817dd08f1e8a66336b9ff206400a5369" SRC_URI[sha256sum] = "d76680ef03f00cd5e970bbdcd4e57fb1f6df7d2e2c071635ef2be74790190c3b" @@ -54,7 +56,6 @@ COMPATIBLE_HOST_linux-gnux32 = 'null' COMPATIBLE_HOST_linux-muslx32 = 'null' # Disable for some MIPS variants -COMPATIBLE_HOST_mipsarchn32 = 'null' COMPATIBLE_HOST_mipsarchr6 = 'null' inherit autotools ptest multilib_header @@ -86,6 +87,8 @@ def get_mcpu(d): do_configure_prepend () { rm -rf ${S}/config.h + sed -i -e 's:$(abs_top_builddir):$(pkglibdir)/ptest:g' ${S}/none/tests/Makefile.am + sed -i -e 's:$(top_builddir):$(pkglibdir)/ptest:g' ${S}/memcheck/tests/Makefile.am } do_install_append () { |