[gnome-continuous-yocto/gnomeostree-3.28-rocko: 6031/8267] binutils: fix CVE-2017-7210
- From: Emmanuele Bassi <ebassi src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gnome-continuous-yocto/gnomeostree-3.28-rocko: 6031/8267] binutils: fix CVE-2017-7210
- Date: Sun, 17 Dec 2017 04:16:20 +0000 (UTC)
commit 12f9c4ca9f75cc1186e8b4eac3aa9a1e561db4b1
Author: Yuanjie Huang <yuanjie huang windriver com>
Date: Thu May 25 19:40:41 2017 -0700
binutils: fix CVE-2017-7210
CVE: CVE-2017-7210
[BZ 21157] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21157
PR binutils/21157: Fix handling of corrupt STABS enum type strings.
(From OE-Core rev: d12a99cba6c9dc9e1f6bc3a7ca8057f07e9cb950)
Signed-off-by: Yuanjie Huang <yuanjie huang windriver com>
Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>
meta/recipes-devtools/binutils/binutils-2.28.inc | 1 +
.../binutils/binutils/CVE-2017-7210.patch | 71 ++++++++++++++++++++
2 files changed, 72 insertions(+), 0 deletions(-)
---
diff --git a/meta/recipes-devtools/binutils/binutils-2.28.inc
b/meta/recipes-devtools/binutils/binutils-2.28.inc
index ed571b3..40b518b 100644
--- a/meta/recipes-devtools/binutils/binutils-2.28.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.28.inc
@@ -42,6 +42,7 @@ SRC_URI = "\
file://CVE-2017-6969.patch \
file://CVE-2017-6969_2.patch \
file://CVE-2017-7209.patch \
+ file://CVE-2017-7210.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-7210.patch
b/meta/recipes-devtools/binutils/binutils/CVE-2017-7210.patch
new file mode 100644
index 0000000..8791792
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-7210.patch
@@ -0,0 +1,71 @@
+From 4da598a472e1d298825035e452e3bc68f714311c Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc redhat com>
+Date: Tue, 14 Feb 2017 14:07:29 +0000
+Subject: Fix handling of corrupt STABS enum type strings.
+
+ PR binutils/21157
+ * stabs.c (parse_stab_enum_type): Check for corrupt NAME:VALUE
+ pairs.
+ (parse_number): Exit early if passed an empty string.
+
+CVE: CVE-2017-7210
+Upstream-Status: Backport [master]
+
+Signed-off-by: Yuanjie Huang <yuanjie huang windriver com>
+---
+ binutils/ChangeLog | 7 +++++++
+ binutils/stabs.c | 14 +++++++++++++-
+ 2 files changed, 20 insertions(+), 1 deletion(-)
+
+diff --git a/binutils/ChangeLog b/binutils/ChangeLog
+index cf92744c12..0045fbaaa6 100644
+--- a/binutils/ChangeLog
++++ b/binutils/ChangeLog
+@@ -1,3 +1,10 @@
++2017-02-14 Nick Clifton <nickc redhat com>
++
++ PR binutils/21157
++ * stabs.c (parse_stab_enum_type): Check for corrupt NAME:VALUE
++ pairs.
++ (parse_number): Exit early if passed an empty string.
++
+ 2017-02-13 Nick Clifton <nickc redhat com>
+
+ PR binutils/21135
+diff --git a/binutils/stabs.c b/binutils/stabs.c
+index f5c5d2d8e0..5d013cc361 100644
+--- a/binutils/stabs.c
++++ b/binutils/stabs.c
+@@ -232,6 +232,10 @@ parse_number (const char **pp, bfd_boolean *poverflow)
+
+ orig = *pp;
+
++ /* Stop early if we are passed an empty string. */
++ if (*orig == 0)
++ return (bfd_vma) 0;
++
+ errno = 0;
+ ul = strtoul (*pp, (char **) pp, 0);
+ if (ul + 1 != 0 || errno == 0)
+@@ -1975,9 +1979,17 @@ parse_stab_enum_type (void *dhandle, const char **pp)
+ bfd_signed_vma val;
+
+ p = *pp;
+- while (*p != ':')
++ while (*p != ':' && *p != 0)
+ ++p;
+
++ if (*p == 0)
++ {
++ bad_stab (orig);
++ free (names);
++ free (values);
++ return DEBUG_TYPE_NULL;
++ }
++
+ name = savestring (*pp, p - *pp);
+
+ *pp = p + 1;
+--
+2.11.0
+
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]