Diffstat (limited to 'meta/recipes-devtools/elfutils/files/CVE-2018-16062.patch')
-rw-r--r-- | meta/recipes-devtools/elfutils/files/CVE-2018-16062.patch | 79 |
1 files changed, 0 insertions, 79 deletions
diff --git a/meta/recipes-devtools/elfutils/files/CVE-2018-16062.patch b/meta/recipes-devtools/elfutils/files/CVE-2018-16062.patch
deleted file mode 100644
index cfeb1ca13c..0000000000
--- a/meta/recipes-devtools/elfutils/files/CVE-2018-16062.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From 29e31978ba51c1051743a503ee325b5ebc03d7e9 Mon Sep 17 00:00:00 2001
-From: Mark Wielaard <mark@klomp.org>
-Date: Sat, 18 Aug 2018 13:27:48 +0200
-Subject: [PATCH] libdw, readelf: Make sure there is enough data to read full
- aranges header.
-
-dwarf_getaranges didn't check if there was enough data left to read both
-the address and segment size. readelf didn't check there was enough data
-left to read the segment size.
-
-https://sourceware.org/bugzilla/show_bug.cgi?id=23541
-
-CVE: CVE-2018-16062
-Upstream-Status: Backport
-
-Signed-off-by: Mark Wielaard <mark@klomp.org>
----
- libdw/ChangeLog | 5 +++++
- libdw/dwarf_getaranges.c | 4 ++++
- src/ChangeLog | 5 +++++
- src/readelf.c | 2 ++
- 4 files changed, 16 insertions(+)
-
-diff --git a/libdw/ChangeLog b/libdw/ChangeLog
-index cb4f34e..472d922 100644
---- a/libdw/ChangeLog
-+++ b/libdw/ChangeLog
-@@ -1,3 +1,8 @@
-+2018-08-18 Mark Wielaard <mark@klomp.org>
-+
-+ * dwarf_getaranges.c (dwarf_getaranges.c): Make sure there is enough
-+ data to read the address and segment size.
-+
- 2018-06-28 Mark Wielaard <mark@klomp.org>
-
- * dwarf_next_cfi.c (dwarf_next_cfi): Check whether length is zero.
-diff --git a/libdw/dwarf_getaranges.c b/libdw/dwarf_getaranges.c
-index bff9c86..de5b81b 100644
---- a/libdw/dwarf_getaranges.c
-+++ b/libdw/dwarf_getaranges.c
-@@ -148,6 +148,10 @@ dwarf_getaranges (Dwarf *dbg, Dwarf_Aranges **aranges, size_t *naranges)
- length_bytes, &offset, IDX_debug_info, 4))
- goto fail;
-
-+ /* Next up two bytes for address and segment size. */
-+ if (readp + 2 > readendp)
-+ goto invalid;
-+
- unsigned int address_size = *readp++;
- if (unlikely (address_size != 4 && address_size != 8))
- goto invalid;
-diff --git a/src/ChangeLog b/src/ChangeLog
-index 8c89f83..2f9f774 100644
---- a/src/ChangeLog
-+++ b/src/ChangeLog
-@@ -1,3 +1,8 @@
-+2018-08-18 Mark Wielaard <mark@klomp.org>
-+
-+ * readelf.c (print_debug_aranges_section): Make sure there is enough
-+ data to read the header segment size.
-+
- 2018-06-25 Mark Wielaard <mark@klomp.org>
-
- * readelf.c (print_decoded_line_section): Use dwarf_next_lines
-diff --git a/src/readelf.c b/src/readelf.c
-index 7b5707f..7b488ac 100644
---- a/src/readelf.c
-+++ b/src/readelf.c
-@@ -5447,6 +5447,8 @@ print_debug_aranges_section (Dwfl_Module *dwflmod __attribute__ ((unused)),
- goto next_table;
- }
-
-+ if (readp + 1 > readendp)
-+ goto invalid_data;
- unsigned int segment_size = *readp++;
- printf (gettext (" Segment size: %6" PRIu64 "\n\n"),
- (uint64_t) segment_size);
---
-2.9.3 |