diff options
author | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
---|---|---|
committer | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
commit | 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf (patch) | |
tree | cd70a267a5ef105ba32f200aa088e281fbd85747 /external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch | |
parent | 4204309872da5cb401cbb2729d9e2d4869a87f42 (diff) |
basesystem-jjsandbox/ToshikazuOhiwa/master-jj
recipes
Diffstat (limited to 'external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch')
-rw-r--r-- | external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch b/external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch deleted file mode 100644 index 9bd9207b..00000000 --- a/external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 8a5f4f2ebe7f35ac5646060fa51e3332f6ef388c Mon Sep 17 00:00:00 2001 -From: Nick Clifton <nickc@redhat.com> -Date: Fri, 4 Jan 2019 13:44:34 +0000 -Subject: [PATCH] Fix a possible integer overflow problem when examining - corrupt binaries using a 32-bit binutil. - - PR 24005 - * objdump.c (load_specific_debug_section): Check for integer - overflow before attempting to allocate contents. - -CVE: CVE-2018-20671 -Upstream-Status: Backport -[https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca] - -Signed-off-by: Dan Tran <dantran@microsoft.com> ---- - binutils/objdump.c | 13 ++++++++++--- - 1 file changed, 10 insertions(+), 3 deletions(-) - -diff --git a/binutils/objdump.c b/binutils/objdump.c -index f468fcdb59..89ca688938 100644 ---- a/binutils/objdump.c -+++ b/binutils/objdump.c -@@ -2503,12 +2503,19 @@ load_specific_debug_section (enum dwarf_section_display_enum debug, - section->reloc_info = NULL; - section->num_relocs = 0; - section->address = bfd_get_section_vma (abfd, sec); -+ section->user_data = sec; - section->size = bfd_get_section_size (sec); - amt = section->size + 1; -+ if (amt == 0 || amt > bfd_get_file_size (abfd)) -+ { -+ section->start = NULL; -+ free_debug_section (debug); -+ printf (_("\nSection '%s' has an invalid size: %#llx.\n"), -+ section->name, (unsigned long long) section->size); -+ return FALSE; -+ } - section->start = contents = malloc (amt); -- section->user_data = sec; -- if (amt == 0 -- || section->start == NULL -+ if (section->start == NULL - || !bfd_get_full_section_contents (abfd, sec, &contents)) - { - free_debug_section (debug); --- -2.22.0.vfs.1.1.57.gbaf16c8 - |