diff options
author | Armin Kuster <akuster808@gmail.com> | 2017-06-17 10:20:51 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-08-29 15:11:38 +0100 |
commit | e80d454711f67a9a3a2a43bb7d9ff911c4664a84 (patch) | |
tree | a3a8355aa4034f1f38fb3079e5b96a4ad460714a /meta/recipes-core | |
parent | 139d15f4af282eeef0a7f368eef518f400a4471a (diff) | |
download | openembedded-core-e80d454711f67a9a3a2a43bb7d9ff911c4664a84.tar.gz |
glibc: Security fix CVE-2016-6323
arm: mark __startcontext as .cantunwind, GNU
CVE: CVE-2016-6323
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/recipes-core')
-rw-r--r-- | meta/recipes-core/glibc/glibc/CVE-2016-6323.patch | 39 | ||||
-rw-r--r-- | meta/recipes-core/glibc/glibc_2.24.bb | 1 |
2 files changed, 40 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc/CVE-2016-6323.patch b/meta/recipes-core/glibc/glibc/CVE-2016-6323.patch new file mode 100644 index 0000000000..f9b9fa50d9 --- /dev/null +++ b/meta/recipes-core/glibc/glibc/CVE-2016-6323.patch @@ -0,0 +1,39 @@ +glibc-2.24: Fix CVE-2016-6323 + +[No upstream tracking] -- https://sourceware.org/bugzilla/show_bug.cgi?id=20435 + +arm: mark __startcontext as .cantunwind, GNU + +Glibc bug where the makecontext function would create +an execution context which is incompatible with the unwinder, +causing it to hang when the generation of a backtrace is attempted. + +Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617] +CVE: CVE-2016-6323 +Signed-off-by: Andrej Valek <andrej.valek@siemens.com> +Signed-off-by: Pascal Bach <pascal.bach@siemens.com> + +diff --git a/sysdeps/unix/sysv/linux/arm/setcontext.S b/sysdeps/unix/sysv/linux/arm/setcontext.S +index 603e508..d1f168f 100644 +--- a/sysdeps/unix/sysv/linux/arm/setcontext.S ++++ b/sysdeps/unix/sysv/linux/arm/setcontext.S +@@ -86,12 +86,19 @@ weak_alias(__setcontext, setcontext) + + /* Called when a makecontext() context returns. Start the + context in R4 or fall through to exit(). */ ++ /* Unwind descriptors are looked up based on PC - 2, so we have to ++ make sure to mark the instruction preceding the __startcontext ++ label as .cantunwind. */ ++ .fnstart ++ .cantunwind ++ nop + ENTRY(__startcontext) + movs r0, r4 + bne PLTJMP(__setcontext) + + @ New context was 0 - exit + b PLTJMP(HIDDEN_JUMPTARGET(exit)) ++ .fnend + END(__startcontext) + + #ifdef PIC diff --git a/meta/recipes-core/glibc/glibc_2.24.bb b/meta/recipes-core/glibc/glibc_2.24.bb index b60b692723..08ae45947f 100644 --- a/meta/recipes-core/glibc/glibc_2.24.bb +++ b/meta/recipes-core/glibc/glibc_2.24.bb @@ -38,6 +38,7 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ file://0025-Define-DUMMY_LOCALE_T-if-not-defined.patch \ file://0026-build_local_scope.patch \ file://0028-Bug-20116-Fix-use-after-free-in-pthread_create.patch \ + file://CVE-2016-6323.patch \ " SRC_URI += "\ |