diff options
author | Thiruvadi Rajaraman <trajaraman@mvista.com> | 2017-09-21 19:14:03 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-01-07 17:09:47 +0000 |
commit | fe9fed67e2f62223626f6683b197bc3b55092d54 (patch) | |
tree | dba9c792111265b913011798005ea6ef54fadfa8 /meta/recipes-devtools/binutils | |
parent | 2a13567ea790d71a36eab0293f5a1918ef447e13 (diff) | |
download | openembedded-core-contrib-fe9fed67e2f62223626f6683b197bc3b55092d54.tar.gz |
binutils: CVE-2017-9748
Source: binutils-gdb.git
MR: 74023
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: efff4d9ed538ff859ab5105a3594690e860d0779
Description:
Avoid a possible compiler bug by using a static buffer instead of a stack local buffer.
PR binutils/21582
* ieee.c (ieee_object_p): Use a static buffer to avoid compiler
bugs.
Affects: <= 2.28
Author: Nick Clifton <nickc@redhat.com>
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/recipes-devtools/binutils')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.27.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-9748.patch | 45 |
2 files changed, 46 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc index 8d2c9d7031..cb745b13ba 100644 --- a/meta/recipes-devtools/binutils/binutils-2.27.inc +++ b/meta/recipes-devtools/binutils/binutils-2.27.inc @@ -81,6 +81,7 @@ SRC_URI = "\ file://CVE-2017-9751.patch \ file://CVE-2017-9749.patch \ file://CVE-2017-9746.patch \ + file://CVE-2017-9748.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9748.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9748.patch new file mode 100644 index 0000000000..ea1f0dd62b --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9748.patch @@ -0,0 +1,45 @@ +commit 63634bb4a107877dd08b6282e28e11cfd1a1649e +Author: Nick Clifton <nickc@redhat.com> +Date: Thu Jun 15 12:44:23 2017 +0100 + + Avoid a possible compiler bug by using a static buffer instead of a stack local buffer. + + PR binutils/21582 + * ieee.c (ieee_object_p): Use a static buffer to avoid compiler + bugs. + +Upstream-Status: Backport + +CVE: CVE-2017-9748 +Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> + +Index: git/bfd/ieee.c +=================================================================== +--- git.orig/bfd/ieee.c 2017-09-21 13:53:50.891154141 +0530 ++++ git/bfd/ieee.c 2017-09-21 13:54:00.715232229 +0530 +@@ -1871,7 +1871,7 @@ + char *processor; + unsigned int part; + ieee_data_type *ieee; +- unsigned char buffer[300]; ++ static unsigned char buffer[300]; + ieee_data_type *save = IEEE_DATA (abfd); + bfd_size_type amt; + +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog 2017-09-21 13:54:00.483230385 +0530 ++++ git/bfd/ChangeLog 2017-09-21 13:57:44.885008549 +0530 +@@ -73,6 +73,12 @@ + (evax_bfd_print_egsd): Check for an overlarge record length. + (evax_bfd_print_etir): Likewise. + ++2017-06-15 Nick Clifton <nickc@redhat.com> ++ ++ PR binutils/21582 ++ * ieee.c (ieee_object_p): Use a static buffer to avoid compiler ++ bugs. ++ + 2017-04-29 Alan Modra <amodra@gmail.com> + + PR 21432 |