]> code.ossystems Code Review - openembedded-core.git/commitdiff
Code Review / openembedded-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: a36978f)
binutils: CVE-2017-14729
authorThiruvadi Rajaraman <trajaraman@mvista.com>
Wed, 8 Nov 2017 07:08:06 +0000 (12:38 +0530)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sun, 7 Jan 2018 17:09:48 +0000 (17:09 +0000)
Source: binutils-gdb.git
MR: 76278
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 05de8bcd22d8d0b54badcd3826cd370b3aed81de
Description:

x86: Guard against corrupted PLT

There should be only one entry in PLT for a given symbol.  Set howto to
NULL after processing a PLT entry to guard against corrupted PLT so that
the duplicated PLT entries are skipped.

PR binutils/22170

Affects: <= 2.29
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-devtools/binutils/binutils-2.27.inc patch | blob | history
meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch [new file with mode: 0644] patch | blob

diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc
index b38a9583cfb45f289fdc07df3d1a6cec0db75b34..b1669a4ef0a0fec6dc88ef87519cba3518e65ca5 100644 (file)
--- a/meta/recipes-devtools/binutils/binutils-2.27.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.27.inc
@@ -100,6 +100,7 @@ SRC_URI = "\
      file://CVE-2017-9955_7.patch \
      file://CVE-2017-9955_8.patch \
      file://CVE-2017-9955_9.patch \
+     file://CVE-2017-14729.patch \
 "
 S  = "${WORKDIR}/git"
 
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch
new file mode 100644 (file)
index 0000000..09d5143
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14729.patch
@@ -0,0 +1,45 @@
+commit 61e3bf5f83f7e505b6bc51ef65426e5b31e6e360
+Author: H.J. Lu <hjl.tools@gmail.com>
+Date:   Fri Sep 22 14:15:40 2017 -0700
+
+x86: Guard against corrupted PLT
+
+There should be only one entry in PLT for a given symbol.  Set howto to
+NULL after processing a PLT entry to guard against corrupted PLT so that
+the duplicated PLT entries are skipped.
+
+PR binutils/22170
+
+Upstream-Status: Backport
+
+CVE: CVE-2017-14729
+Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
+Index: git/bfd/elf-ifunc.c
+===================================================================
+--- git.orig/bfd/elf-ifunc.c   2017-11-08 12:34:22.063320490 +0530
++++ git/bfd/elf-ifunc.c        2017-11-08 12:34:29.995404891 +0530
+@@ -473,6 +473,10 @@
+       memcpy (names, "@plt", sizeof ("@plt"));
+       names += sizeof ("@plt");
+       ++s, ++n;
++      /* There should be only one entry in PLT for a given 
++         symbol.  Set howto to NULL after processing a PLT 
++         entry to guard against corrupted PLT.  */
++      p->howto = NULL;        
+     }
+   free (plt_sym_val);
+Index: git/bfd/ChangeLog
+===================================================================
+--- git.orig/bfd/ChangeLog     2017-11-08 12:34:29.939404297 +0530
++++ git/bfd/ChangeLog  2017-11-08 12:35:55.660271599 +0530
+@@ -1,3 +1,9 @@
++2017-09-22  H.J. Lu  <hongjiu.lu@intel.com>
++
++       PR binutils/22170
++       * elf-ifunc.c (elf_get_synthetic_symtab): Guard against
++       corrupted PLT.
++
+ 2017-07-27  Nick Clifton  <nickc@redhat.com>
+        PR 21840
Mirror of the official openembedded-core repository