diff options
Diffstat (limited to 'meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8504.patch')
| -rw-r--r-- | meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8504.patch | 75 |
1 files changed, 0 insertions, 75 deletions
diff --git a/meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8504.patch b/meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8504.patch deleted file mode 100644 index b4d1d1ff61..0000000000 --- a/meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8504.patch +++ /dev/null @@ -1,75 +0,0 @@ -Upstream-Status: Backport - -CVE-2014-8504 fix. - -[YOCTO #7084] - -Signed-off-by: Armin Kuster <akuster808@gmail.com> - -From 708d7d0d11f0f2d776171979aa3479e8e12a38a0 Mon Sep 17 00:00:00 2001 -From: Nick Clifton <nickc@redhat.com> -Date: Tue, 28 Oct 2014 10:48:14 +0000 -Subject: [PATCH] This patch fixes a flaw in the SREC parser which could cause - a stack overflow and potential secuiryt breach. - - PR binutils/17510 - * srec.c (srec_bad_byte): Increase size of buf to allow for - negative values. - (srec_scan): Use an unsigned char buffer to hold header bytes. ---- - bfd/ChangeLog | 8 ++++++++ - bfd/elf.c | 2 +- - bfd/peXXigen.c | 1 - - bfd/srec.c | 4 ++-- - 4 files changed, 11 insertions(+), 4 deletions(-) - -Index: binutils-2.24/bfd/ChangeLog -=================================================================== ---- binutils-2.24.orig/bfd/ChangeLog -+++ binutils-2.24/bfd/ChangeLog -@@ -1,3 +1,11 @@ -+2014-10-28 Andreas Schwab <schwab@suse.de> -+ Nick Clifton <nickc@redhat.com> -+ -+ PR binutils/17510 -+ * srec.c (srec_bad_byte): Increase size of buf to allow for -+ negative values. -+ (srec_scan): Use an unsigned char buffer to hold header bytes. -+ - 2014-10-30 Nick Clifton <nickc@redhat.com> - - PR binutils/17512 -Index: binutils-2.24/bfd/peXXigen.c -=================================================================== ---- binutils-2.24.orig/bfd/peXXigen.c -+++ binutils-2.24/bfd/peXXigen.c -@@ -471,7 +471,6 @@ _bfd_XXi_swap_aouthdr_in (bfd * abfd, - a->NumberOfRvaAndSizes = 0; - } - -- - for (idx = 0; idx < a->NumberOfRvaAndSizes; idx++) - { - /* If data directory is empty, rva also should be 0. */ -Index: binutils-2.24/bfd/srec.c -=================================================================== ---- binutils-2.24.orig/bfd/srec.c -+++ binutils-2.24/bfd/srec.c -@@ -248,7 +248,7 @@ srec_bad_byte (bfd *abfd, - } - else - { -- char buf[10]; -+ char buf[40]; - - if (! ISPRINT (c)) - sprintf (buf, "\\%03o", (unsigned int) c); -@@ -454,7 +454,7 @@ srec_scan (bfd *abfd) - case 'S': - { - file_ptr pos; -- char hdr[3]; -+ unsigned char hdr[3]; - unsigned int bytes, min_bytes; - bfd_vma address; - bfd_byte *data; |