From: Deepthi Hemraj <deepthi.hem...@windriver.com> Signed-off-by: Deepthi Hemraj <deepthi.hem...@windriver.com> Signed-off-by: Steve Sakoman <st...@sakoman.com> --- .../binutils/binutils-2.38.inc | 1 + .../binutils/0034-CVE-2022-48064.patch | 57 +++++++++++++++++++ 2 files changed, 58 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index dc29141812..3787063cba 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -68,5 +68,6 @@ SRC_URI = "\ file://CVE-2022-48063.patch \ file://0032-CVE-2022-47010.patch \ file://0033-CVE-2022-47007.patch \ + file://0034-CVE-2022-48064.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch b/meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch new file mode 100644 index 0000000000..b0840366c7 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0034-CVE-2022-48064.patch @@ -0,0 +1,57 @@ +From: Alan Modra <amo...@gmail.com> +Date: Tue, 20 Dec 2022 13:17:03 +0000 (+1030) +Subject: PR29922, SHT_NOBITS section avoids section size sanity check +X-Git-Tag: binutils-2_40~202 +X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=8f2c64de86bc3d7556121fe296dd679000283931 + +PR29922, SHT_NOBITS section avoids section size sanity check + + PR 29922 + * dwarf2.c (find_debug_info): Ignore sections without + SEC_HAS_CONTENTS. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=8f2c64de86bc3d7556121fe296dd679000283931] + +CVE: CVE-2022-48064 + +Signed-off-by: Deepthi Hemraj <deepthi.hem...@windriver.com> + +--- + +diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c +index 95f45708e9d..0cd8152ee6e 100644 +--- a/bfd/dwarf2.c ++++ b/bfd/dwarf2.c +@@ -4831,16 +4831,19 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections, + { + look = debug_sections[debug_info].uncompressed_name; + msec = bfd_get_section_by_name (abfd, look); +- if (msec != NULL) ++ /* Testing SEC_HAS_CONTENTS is an anti-fuzzer measure. Of ++ course debug sections always have contents. */ ++ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0) + return msec; + + look = debug_sections[debug_info].compressed_name; + msec = bfd_get_section_by_name (abfd, look); +- if (msec != NULL) ++ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0) + return msec; + + for (msec = abfd->sections; msec != NULL; msec = msec->next) +- if (startswith (msec->name, GNU_LINKONCE_INFO)) ++ if ((msec->flags & SEC_HAS_CONTENTS) != 0 ++ && startswith (msec->name, GNU_LINKONCE_INFO)) + return msec; + + return NULL; +@@ -4848,6 +4851,9 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections, + + for (msec = after_sec->next; msec != NULL; msec = msec->next) + { ++ if ((msec->flags & SEC_HAS_CONTENTS) == 0) ++ continue; ++ + look = debug_sections[debug_info].uncompressed_name; + if (strcmp (msec->name, look) == 0) + return msec; -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#191009): https://lists.openembedded.org/g/openembedded-core/message/191009 Mute This Topic: https://lists.openembedded.org/mt/102742406/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-