diff options
author | Armin Kuster <akuster@mvista.com> | 2019-08-31 08:40:01 -0700 |
---|---|---|
committer | Armin Kuster <akuster808@gmail.com> | 2019-09-04 08:22:03 -0700 |
commit | 125c77be468adf8b3be8d00f99d80bd77f7d2e1e (patch) | |
tree | ab09d2fdcf0a17eda5d78eb543b38943b04c38e7 /meta | |
parent | 7e62ca2a518f1fe6e2f3c7098d17ed0b73ece48c (diff) | |
download | openembedded-core-contrib-125c77be468adf8b3be8d00f99d80bd77f7d2e1e.tar.gz |
gcc-8.3: Security fix for CVE-2019-14250
Affects < 9.2
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-devtools/gcc/gcc-8.3.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-14250.patch | 44 |
2 files changed, 45 insertions, 0 deletions
diff --git a/meta/recipes-devtools/gcc/gcc-8.3.inc b/meta/recipes-devtools/gcc/gcc-8.3.inc index dce85a2943..80f716aeac 100644 --- a/meta/recipes-devtools/gcc/gcc-8.3.inc +++ b/meta/recipes-devtools/gcc/gcc-8.3.inc @@ -74,6 +74,7 @@ SRC_URI = "\ file://0041-Add-a-recursion-limit-to-libiberty-s-demangling-code.patch \ file://0042-PR-debug-86964.patch \ file://0043-PR85434-Prevent-spilling-of-stack-protector-guard-s-.patch \ + file://CVE-2019-14250.patch \ " SRC_URI[md5sum] = "65b210b4bfe7e060051f799e0f994896" SRC_URI[sha256sum] = "64baadfe6cc0f4947a84cb12d7f0dfaf45bb58b7e92461639596c21e02d97d2c" diff --git a/meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-14250.patch b/meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-14250.patch new file mode 100644 index 0000000000..e327684e16 --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-14250.patch @@ -0,0 +1,44 @@ +From a4f1b58eb48b349a5f353bc69c30be553506d33b Mon Sep 17 00:00:00 2001 +From: rguenth <rguenth@138bc75d-0d04-0410-961f-82ee72b054a4> +Date: Thu, 25 Jul 2019 10:48:26 +0000 +Subject: [PATCH] 2019-07-25 Richard Biener <rguenther@suse.de> + + PR lto/90924 + Backport from mainline + 2019-07-12 Ren Kimura <rkx1209dev@gmail.com> + + * simple-object-elf.c (simple_object_elf_match): Check zero value + shstrndx. + + +git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-8-branch@273794 138bc75d-0d04-0410-961f-82ee72b054a4 + +Upstream-Status: Backport +Affectes: < 9.2 +CVE: CVE-2019-14250 +Dropped changelog +Signed-off-by: Armin Kuster <Akustre@mvista.com> + +--- + libiberty/simple-object-elf.c | 8 ++++++++ + 2 files changed, 17 insertions(+) + +Index: gcc-8.2.0/libiberty/simple-object-elf.c +=================================================================== +--- gcc-8.2.0.orig/libiberty/simple-object-elf.c ++++ gcc-8.2.0/libiberty/simple-object-elf.c +@@ -549,6 +549,14 @@ simple_object_elf_match (unsigned char h + return NULL; + } + ++ if (eor->shstrndx == 0) ++ { ++ *errmsg = "invalid ELF shstrndx == 0"; ++ *err = 0; ++ XDELETE (eor); ++ return NULL; ++ } ++ + return (void *) eor; + } + |