1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
From 76800cba595efc3fe95a446c2d664e42ae4ee869 Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Thu, 15 Jun 2017 12:08:57 +0100
Subject: [PATCH] Handle EITR records in VMS Alpha binaries with overlarge
command length parameters.
PR binutils/21579
* vms-alpha.c (_bfd_vms_slurp_etir): Extend check of cmd_length.
Upstream-Status: Backport
CVE: CVE-2017-9745
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
bfd/ChangeLog | 5 +++++
bfd/vms-alpha.c | 16 ++++++++--------
2 files changed, 13 insertions(+), 8 deletions(-)
Index: git/bfd/vms-alpha.c
===================================================================
--- git.orig/bfd/vms-alpha.c
+++ git/bfd/vms-alpha.c
@@ -1741,6 +1741,12 @@ _bfd_vms_slurp_etir (bfd *abfd, struct b
_bfd_hexdump (8, ptr, cmd_length - 4, 0);
#endif
+#if VMS_DEBUG
+ _bfd_vms_debug (4, "etir: %s(%d)\n",
+ _bfd_vms_etir_name (cmd), cmd);
+ _bfd_hexdump (8, ptr, cmd_length - 4, 0);
+#endif
+
switch (cmd)
{
/* Stack global
|