binutils: Security fix for CVE-2017-9745
Affects: <= 2.28 (From OE-Core rev: da1960fb6d9de9620ac507256554659e1bbe7083) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
266586ff4c
commit
10b391060b
|
@ -56,6 +56,7 @@ SRC_URI = "\
|
||||||
file://CVE-2017-9040_9042.patch \
|
file://CVE-2017-9040_9042.patch \
|
||||||
file://CVE-2017-9742.patch \
|
file://CVE-2017-9742.patch \
|
||||||
file://CVE-2017-9744.patch \
|
file://CVE-2017-9744.patch \
|
||||||
|
file://CVE-2017-9745.patch \
|
||||||
"
|
"
|
||||||
S = "${WORKDIR}/git"
|
S = "${WORKDIR}/git"
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,35 @@
|
||||||
|
From 76800cba595efc3fe95a446c2d664e42ae4ee869 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Nick Clifton <nickc@redhat.com>
|
||||||
|
Date: Thu, 15 Jun 2017 12:08:57 +0100
|
||||||
|
Subject: [PATCH] Handle EITR records in VMS Alpha binaries with overlarge
|
||||||
|
command length parameters.
|
||||||
|
|
||||||
|
PR binutils/21579
|
||||||
|
* vms-alpha.c (_bfd_vms_slurp_etir): Extend check of cmd_length.
|
||||||
|
|
||||||
|
Upstream-Status: Backport
|
||||||
|
CVE: CVE-2017-9745
|
||||||
|
Signed-off-by: Armin Kuster <akuster@mvista.com>
|
||||||
|
|
||||||
|
---
|
||||||
|
bfd/ChangeLog | 5 +++++
|
||||||
|
bfd/vms-alpha.c | 16 ++++++++--------
|
||||||
|
2 files changed, 13 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
Index: git/bfd/vms-alpha.c
|
||||||
|
===================================================================
|
||||||
|
--- git.orig/bfd/vms-alpha.c
|
||||||
|
+++ git/bfd/vms-alpha.c
|
||||||
|
@@ -1741,6 +1741,12 @@ _bfd_vms_slurp_etir (bfd *abfd, struct b
|
||||||
|
_bfd_hexdump (8, ptr, cmd_length - 4, 0);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+#if VMS_DEBUG
|
||||||
|
+ _bfd_vms_debug (4, "etir: %s(%d)\n",
|
||||||
|
+ _bfd_vms_etir_name (cmd), cmd);
|
||||||
|
+ _bfd_hexdump (8, ptr, cmd_length - 4, 0);
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
switch (cmd)
|
||||||
|
{
|
||||||
|
/* Stack global
|
Loading…
Reference in New Issue