diff options
author | Yuanjie Huang <Yuanjie.Huang@windriver.com> | 2017-05-31 01:37:59 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-08-29 15:11:36 +0100 |
commit | 066a7acc4c19a4ef3428d0a7c695a2b08f45bc14 (patch) | |
tree | c8119dc3be6b87fc8898f6856d62ef01998905bf /meta/recipes-devtools | |
parent | fd7a91e2a6db1fb806c57c137f72efcffbf1f26b (diff) | |
download | openembedded-core-066a7acc4c19a4ef3428d0a7c695a2b08f45bc14.tar.gz |
binutils: fix CVE-2017-7210
CVE: CVE-2017-7210
[BZ 21157] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21157
PR binutils/21157: Fix handling of corrupt STABS enum type strings.
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta/recipes-devtools')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.27.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-7210.patch | 71 |
2 files changed, 72 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc index 5dca05e898..0936d974d4 100644 --- a/meta/recipes-devtools/binutils/binutils-2.27.inc +++ b/meta/recipes-devtools/binutils/binutils-2.27.inc @@ -44,6 +44,7 @@ SRC_URI = "\ file://CVE-2017-6969.patch \ file://CVE-2017-6969_2.patch \ file://CVE-2017-7209.patch \ + file://CVE-2017-7210.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-7210.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-7210.patch new file mode 100644 index 0000000000..211d2bfd80 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-7210.patch @@ -0,0 +1,71 @@ +From 80958b04c91edcd41c42807225a7ad1b2a4ce0e6 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 14 Feb 2017 14:07:29 +0000 +Subject: Fix handling of corrupt STABS enum type strings. + + PR binutils/21157 + * stabs.c (parse_stab_enum_type): Check for corrupt NAME:VALUE + pairs. + (parse_number): Exit early if passed an empty string. + +CVE: CVE-2017-7210 +Upstream-Status: Backport [master] + +Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com> +--- + binutils/ChangeLog | 7 +++++++ + binutils/stabs.c | 14 +++++++++++++- + 2 files changed, 20 insertions(+), 1 deletion(-) + +diff --git a/binutils/ChangeLog b/binutils/ChangeLog +index c4d8e60eca..2bae9ec587 100644 +--- a/binutils/ChangeLog ++++ b/binutils/ChangeLog +@@ -1,3 +1,10 @@ ++2017-02-14 Nick Clifton <nickc@redhat.com> ++ ++ PR binutils/21157 ++ * stabs.c (parse_stab_enum_type): Check for corrupt NAME:VALUE ++ pairs. ++ (parse_number): Exit early if passed an empty string. ++ + 2017-02-13 Nick Clifton <nickc@redhat.com> + + PR binutils/21135 +diff --git a/binutils/stabs.c b/binutils/stabs.c +index aebde7afe9..c425afe98e 100644 +--- a/binutils/stabs.c ++++ b/binutils/stabs.c +@@ -232,6 +232,10 @@ parse_number (const char **pp, bfd_boolean *poverflow) + + orig = *pp; + ++ /* Stop early if we are passed an empty string. */ ++ if (*orig == 0) ++ return (bfd_vma) 0; ++ + errno = 0; + ul = strtoul (*pp, (char **) pp, 0); + if (ul + 1 != 0 || errno == 0) +@@ -1975,9 +1979,17 @@ parse_stab_enum_type (void *dhandle, const char **pp) + bfd_signed_vma val; + + p = *pp; +- while (*p != ':') ++ while (*p != ':' && *p != 0) + ++p; + ++ if (*p == 0) ++ { ++ bad_stab (orig); ++ free (names); ++ free (values); ++ return DEBUG_TYPE_NULL; ++ } ++ + name = savestring (*pp, p - *pp); + + *pp = p + 1; +-- +2.11.0 + |