summaryrefslogtreecommitdiffstats
path: root/external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch
diff options
context:
space:
mode:
Diffstat (limited to 'external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch')
-rw-r--r--external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch49
1 files changed, 0 insertions, 49 deletions
diff --git a/external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch b/external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch
deleted file mode 100644
index 9bd9207b..00000000
--- a/external/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-20671.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 8a5f4f2ebe7f35ac5646060fa51e3332f6ef388c Mon Sep 17 00:00:00 2001
-From: Nick Clifton <nickc@redhat.com>
-Date: Fri, 4 Jan 2019 13:44:34 +0000
-Subject: [PATCH] Fix a possible integer overflow problem when examining
- corrupt binaries using a 32-bit binutil.
-
- PR 24005
- * objdump.c (load_specific_debug_section): Check for integer
- overflow before attempting to allocate contents.
-
-CVE: CVE-2018-20671
-Upstream-Status: Backport
-[https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca]
-
-Signed-off-by: Dan Tran <dantran@microsoft.com>
----
- binutils/objdump.c | 13 ++++++++++---
- 1 file changed, 10 insertions(+), 3 deletions(-)
-
-diff --git a/binutils/objdump.c b/binutils/objdump.c
-index f468fcdb59..89ca688938 100644
---- a/binutils/objdump.c
-+++ b/binutils/objdump.c
-@@ -2503,12 +2503,19 @@ load_specific_debug_section (enum dwarf_section_display_enum debug,
- section->reloc_info = NULL;
- section->num_relocs = 0;
- section->address = bfd_get_section_vma (abfd, sec);
-+ section->user_data = sec;
- section->size = bfd_get_section_size (sec);
- amt = section->size + 1;
-+ if (amt == 0 || amt > bfd_get_file_size (abfd))
-+ {
-+ section->start = NULL;
-+ free_debug_section (debug);
-+ printf (_("\nSection '%s' has an invalid size: %#llx.\n"),
-+ section->name, (unsigned long long) section->size);
-+ return FALSE;
-+ }
- section->start = contents = malloc (amt);
-- section->user_data = sec;
-- if (amt == 0
-- || section->start == NULL
-+ if (section->start == NULL
- || !bfd_get_full_section_contents (abfd, sec, &contents))
- {
- free_debug_section (debug);
---
-2.22.0.vfs.1.1.57.gbaf16c8
-