mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-03-06 15:29:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

gcc-8.3: Security fix for CVE-2019-14250

Browse Source 
Affects < 9.2

(From OE-Core rev: 125c77be468adf8b3be8d00f99d80bd77f7d2e1e)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Armin Kuster
2019-08-31 08:40:01 -07:00
committed by Richard Purdie
parent b174d936e9
commit feb1ac93fd
2 changed files with 45 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
meta/recipes-devtools/gcc/gcc-8.3.inc
View File

@@ -74,6 +74,7 @@ SRC_URI = "\
file://0041-Add-a-recursion-limit-to-libiberty-s-demangling-code.patch \
file://0042-PR-debug-86964.patch \
file://0043-PR85434-Prevent-spilling-of-stack-protector-guard-s-.patch \
file://CVE-2019-14250.patch \
"
SRC_URI[md5sum] = "65b210b4bfe7e060051f799e0f994896"
SRC_URI[sha256sum] = "64baadfe6cc0f4947a84cb12d7f0dfaf45bb58b7e92461639596c21e02d97d2c"

44
meta/recipes-devtools/gcc/gcc-8.3/CVE-2019-14250.patch Normal file
View File

@@ -0,0 +1,44 @@
From a4f1b58eb48b349a5f353bc69c30be553506d33b Mon Sep 17 00:00:00 2001
From: rguenth <rguenth@138bc75d-0d04-0410-961f-82ee72b054a4>
Date: Thu, 25 Jul 2019 10:48:26 +0000
Subject: [PATCH] 2019-07-25 Richard Biener <rguenther@suse.de>
PR lto/90924
Backport from mainline
2019-07-12 Ren Kimura <rkx1209dev@gmail.com>
* simple-object-elf.c (simple_object_elf_match): Check zero value
shstrndx.
git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-8-branch@273794 138bc75d-0d04-0410-961f-82ee72b054a4
Upstream-Status: Backport
Affectes: < 9.2
CVE: CVE-2019-14250
Dropped changelog
Signed-off-by: Armin Kuster <Akustre@mvista.com>
---
libiberty/simple-object-elf.c | 8 ++++++++
2 files changed, 17 insertions(+)
Index: gcc-8.2.0/libiberty/simple-object-elf.c
===================================================================
--- gcc-8.2.0.orig/libiberty/simple-object-elf.c
+++ gcc-8.2.0/libiberty/simple-object-elf.c
@@ -549,6 +549,14 @@ simple_object_elf_match (unsigned char h
return NULL;
}
+ if (eor->shstrndx == 0)
+ {
+ *errmsg = "invalid ELF shstrndx == 0";
+ *err = 0;
+ XDELETE (eor);
+ return NULL;
+ }
+
return (void *) eor;
}