diff options
author | pgowda <pgowda.cve@gmail.com> | 2022-09-06 10:18:26 +0530 |
---|---|---|
committer | Steve Sakoman <steve@sakoman.com> | 2022-09-06 07:10:59 -1000 |
commit | 9644d9a38dac8d2c0263f4e8a67624da7a8bc55b (patch) | |
tree | 8ab78ced0e0092a7c8463b35aa1816c7f7be1f33 | |
parent | 40bbdb43b247ffc5dd1990f51fb824a089c0987f (diff) | |
download | openembedded-core-9644d9a38dac8d2c0263f4e8a67624da7a8bc55b.tar.gz |
binutils : CVE-2022-38533
Upstream-Status: Backport
[https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ef186fe54aa6d281a3ff8a9528417e5cc614c797]
Signed-off-by: pgowda <pgowda.cve@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.38.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/0015-CVE-2022-38533.patch | 36 |
2 files changed, 37 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index eed252976a..8aa8295881 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -33,5 +33,6 @@ SRC_URI = "\ file://0012-Check-for-clang-before-checking-gcc-version.patch \ file://0013-Avoid-as-info-race-condition.patch \ file://0014-CVE-2019-1010204.patch \ + file://0015-CVE-2022-38533.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-38533.patch b/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-38533.patch new file mode 100644 index 0000000000..5d9ac2cb1f --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0015-CVE-2022-38533.patch @@ -0,0 +1,36 @@ +From ef186fe54aa6d281a3ff8a9528417e5cc614c797 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sat, 13 Aug 2022 15:32:47 +0930 +Subject: [PATCH] PR29482 - strip: heap-buffer-overflow + + PR 29482 + * coffcode.h (coff_set_section_contents): Sanity check _LIB. + +Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ef186fe54aa6d281a3ff8a9528417e5cc614c797] + +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + bfd/coffcode.h | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/bfd/coffcode.h b/bfd/coffcode.h +index 67aaf158ca1..52027981c3f 100644 +--- a/bfd/coffcode.h ++++ b/bfd/coffcode.h +@@ -4302,10 +4302,13 @@ coff_set_section_contents (bfd * abfd, + + rec = (bfd_byte *) location; + recend = rec + count; +- while (rec < recend) ++ while (recend - rec >= 4) + { ++ size_t len = bfd_get_32 (abfd, rec); ++ if (len == 0 || len > (size_t) (recend - rec) / 4) ++ break; ++ rec += len * 4; + ++section->lma; +- rec += bfd_get_32 (abfd, rec) * 4; + } + + BFD_ASSERT (rec == recend); |