diff options
Diffstat (limited to 'external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20623.patch')
-rw-r--r-- | external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20623.patch | 74 |
1 files changed, 0 insertions, 74 deletions
diff --git a/external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20623.patch b/external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20623.patch deleted file mode 100644 index b44d448f..00000000 --- a/external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20623.patch +++ /dev/null @@ -1,74 +0,0 @@ -From 90cce28d4b59f86366d4f562d01a8d439d514234 Mon Sep 17 00:00:00 2001 -From: Nick Clifton <nickc@redhat.com> -Date: Wed, 9 Jan 2019 12:25:16 +0000 -Subject: [PATCH] Fix a heap use after free memory access fault when displaying - error messages about malformed archives. - - PR 14049 - * readelf.c (process_archive): Use arch.file_name in error - messages until the qualified name is available. - -CVE: CVE-2018-20623 -Upstream-Status: Backport -[https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=28e817cc440bce73691c03e01860089a0954a837] - -Signed-off-by: Dan Tran <dantran@microsoft.com> ---- - binutils/readelf.c | 13 ++++++++----- - 1 file changed, 8 insertions(+), 5 deletions(-) - -diff --git a/binutils/readelf.c b/binutils/readelf.c -index f4df697a7d..280023d8de 100644 ---- a/binutils/readelf.c -+++ b/binutils/readelf.c -@@ -19061,7 +19061,7 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - /* Read the next archive header. */ - if (fseek (filedata->handle, arch.next_arhdr_offset, SEEK_SET) != 0) - { -- error (_("%s: failed to seek to next archive header\n"), filedata->file_name); -+ error (_("%s: failed to seek to next archive header\n"), arch.file_name); - return FALSE; - } - got = fread (&arch.arhdr, 1, sizeof arch.arhdr, filedata->handle); -@@ -19069,7 +19069,10 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - { - if (got == 0) - break; -- error (_("%s: failed to read archive header\n"), filedata->file_name); -+ /* PR 24049 - we cannot use filedata->file_name as this will -+ have already been freed. */ -+ error (_("%s: failed to read archive header\n"), arch.file_name); -+ - ret = FALSE; - break; - } -@@ -19089,7 +19092,7 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - name = get_archive_member_name (&arch, &nested_arch); - if (name == NULL) - { -- error (_("%s: bad archive file name\n"), filedata->file_name); -+ error (_("%s: bad archive file name\n"), arch.file_name); - ret = FALSE; - break; - } -@@ -19098,7 +19101,7 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - qualified_name = make_qualified_name (&arch, &nested_arch, name); - if (qualified_name == NULL) - { -- error (_("%s: bad archive file name\n"), filedata->file_name); -+ error (_("%s: bad archive file name\n"), arch.file_name); - ret = FALSE; - break; - } -@@ -19144,7 +19147,7 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - if (nested_arch.file == NULL) - { - error (_("%s: contains corrupt thin archive: %s\n"), -- filedata->file_name, name); -+ qualified_name, name); - ret = FALSE; - break; - } --- -2.22.0.vfs.1.1.57.gbaf16c8 - |