From: Deepthi Hemraj <deepthi.hem...@windriver.com>
Signed-off-by: Deepthi Hemraj <deepthi.hem...@windriver.com>
Signed-off-by: Steve Sakoman <st...@sakoman.com>
---
.../binutils/binutils-2.38.inc | 1 +
.../binutils/0034-CVE-2022-48064.patch | 57 +++++++++++++++++++
2 files changed, 58 insertions(+)
create mode 100644
meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc
b/meta/recipes-devtools/binutils/binutils-2.38.inc
index dc29141812..3787063cba 100644
--- a/meta/recipes-devtools/binutils/binutils-2.38.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.38.inc
@@ -68,5 +68,6 @@ SRC_URI = "\
file://CVE-2022-48063.patch \
file://0032-CVE-2022-47010.patch \
file://0033-CVE-2022-47007.patch \
+ file://0034-CVE-2022-48064.patch \
"
S = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch
b/meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch
new file mode 100644
index 0000000000..b0840366c7
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch
@@ -0,0 +1,57 @@
+From: Alan Modra <amo...@gmail.com>
+Date: Tue, 20 Dec 2022 13:17:03 +0000 (+1030)
+Subject: PR29922, SHT_NOBITS section avoids section size sanity check
+X-Git-Tag: binutils-2_40~202
+X-Git-Url:
https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=8f2c64de86bc3d7556121fe296dd679000283931
+
+PR29922, SHT_NOBITS section avoids section size sanity check
+
+ PR 29922
+ * dwarf2.c (find_debug_info): Ignore sections without
+ SEC_HAS_CONTENTS.
+
+Upstream-Status: Backport
[https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=8f2c64de86bc3d7556121fe296dd679000283931]
+
+CVE: CVE-2022-48064
+
+Signed-off-by: Deepthi Hemraj <deepthi.hem...@windriver.com>
+
+---
+
+diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
+index 95f45708e9d..0cd8152ee6e 100644
+--- a/bfd/dwarf2.c
++++ b/bfd/dwarf2.c
+@@ -4831,16 +4831,19 @@ find_debug_info (bfd *abfd, const struct
dwarf_debug_section *debug_sections,
+ {
+ look = debug_sections[debug_info].uncompressed_name;
+ msec = bfd_get_section_by_name (abfd, look);
+- if (msec != NULL)
++ /* Testing SEC_HAS_CONTENTS is an anti-fuzzer measure. Of
++ course debug sections always have contents. */
++ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0)
+ return msec;
+
+ look = debug_sections[debug_info].compressed_name;
+ msec = bfd_get_section_by_name (abfd, look);
+- if (msec != NULL)
++ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0)
+ return msec;
+
+ for (msec = abfd->sections; msec != NULL; msec = msec->next)
+- if (startswith (msec->name, GNU_LINKONCE_INFO))
++ if ((msec->flags & SEC_HAS_CONTENTS) != 0
++ && startswith (msec->name, GNU_LINKONCE_INFO))
+ return msec;
+
+ return NULL;
+@@ -4848,6 +4851,9 @@ find_debug_info (bfd *abfd, const struct
dwarf_debug_section *debug_sections,
+
+ for (msec = after_sec->next; msec != NULL; msec = msec->next)
+ {
++ if ((msec->flags & SEC_HAS_CONTENTS) == 0)
++ continue;
++
+ look = debug_sections[debug_info].uncompressed_name;
+ if (strcmp (msec->name, look) == 0)
+ return msec;
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#191009):
https://lists.openembedded.org/g/openembedded-core/message/191009
Mute This Topic: https://lists.openembedded.org/mt/102742406/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
