diff options
author | Thiruvadi Rajaraman <trajaraman@mvista.com> | 2017-09-20 13:52:00 +0530 |
---|---|---|
committer | Armin Kuster <akuster@mvista.com> | 2017-11-23 17:40:47 -0800 |
commit | 7cbc0f10265deb1d5aae38c254bbc7c288d82710 (patch) | |
tree | 3f18b69924b4b4900e214583bdb91ff83e79f11c /meta/recipes-devtools/binutils/binutils-2.27.inc | |
parent | 1926240b0fb3967a5c52e9caf6dfb4fc2e66cb23 (diff) | |
download | openembedded-core-contrib-7cbc0f10265deb1d5aae38c254bbc7c288d82710.tar.gz |
binutils: CVE-2017-8398
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74127
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 410078b468de6dc1c908342283a6abe5bdf38d54
Description:
Fix heap-buffer overflow bugs caused when dumping debug information from a corrupt binary.
PR binutils/21438
* dwarf.c (process_extended_line_op): Do not assume that the
string extracted from the section is NUL terminated.
(fetch_indirect_string): If the string retrieved from the section
is not NUL terminated, return an error message.
(fetch_indirect_line_string): Likewise.
(fetch_indexed_string): Likewise.
Affects: <= 2.29
Author: Nick Clifton <nickc@redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/recipes-devtools/binutils/binutils-2.27.inc')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.27.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc index a455b0192c..35e26fc0dd 100644 --- a/meta/recipes-devtools/binutils/binutils-2.27.inc +++ b/meta/recipes-devtools/binutils/binutils-2.27.inc @@ -75,6 +75,7 @@ SRC_URI = "\ file://CVE-2017-8421.patch \ file://CVE-2017-8394_1.patch \ file://CVE-2017-8394.patch \ + file://CVE-2017-8398.patch \ " S = "${WORKDIR}/git" |