diff options
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.29.1.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-14940.patch | 47 |
2 files changed, 48 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.29.1.inc b/meta/recipes-devtools/binutils/binutils-2.29.1.inc index 4abfbbf76b..bd25a525be 100644 --- a/meta/recipes-devtools/binutils/binutils-2.29.1.inc +++ b/meta/recipes-devtools/binutils/binutils-2.29.1.inc @@ -43,6 +43,7 @@ SRC_URI = "\ file://CVE-2017-14934.patch \ file://CVE-2017-14938.patch \ file://CVE-2017-14939.patch \ + file://CVE-2017-14940.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14940.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14940.patch new file mode 100644 index 0000000000..49b0bdc546 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14940.patch @@ -0,0 +1,47 @@ +From 0d76029f92182c3682d8be2c833d45bc9a2068fe Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Sun, 24 Sep 2017 14:35:33 +0930 +Subject: [PATCH] PR22167, NULL pointer dereference in scan_unit_for_symbols + + PR 22167 + * dwarf2.c (scan_unit_for_symbols): Check u.blk->data is non-NULL. + +Upstream-Status: Backport +Affects: <= 2.29.1 +CVE: CVE-2017-14940 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + bfd/ChangeLog | 5 +++++ + bfd/dwarf2.c | 3 ++- + 2 files changed, 7 insertions(+), 1 deletion(-) + +Index: git/bfd/dwarf2.c +=================================================================== +--- git.orig/bfd/dwarf2.c ++++ git/bfd/dwarf2.c +@@ -3202,7 +3202,8 @@ scan_unit_for_symbols (struct comp_unit + case DW_FORM_block2: + case DW_FORM_block4: + case DW_FORM_exprloc: +- if (*attr.u.blk->data == DW_OP_addr) ++ if (attr.u.blk->data != NULL ++ && *attr.u.blk->data == DW_OP_addr) + { + var->stack = 0; + +Index: git/bfd/ChangeLog +=================================================================== +--- git.orig/bfd/ChangeLog ++++ git/bfd/ChangeLog +@@ -1,5 +1,10 @@ + 2017-09-24 Alan Modra <amodra@gmail.com> + ++ PR 22167 ++ * dwarf2.c (scan_unit_for_symbols): Check u.blk->data is non-NULL. ++ ++2017-09-24 Alan Modra <amodra@gmail.com> ++ + PR 22169 + * dwarf2.c (decode_line_info): Correct .debug_line unit_length check. + |