Source: git://sourceware.org/git/binutils-gdb.git
MR: 74296
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: d2cf3ab15c89351c941c92e4cdf28c2bfa9dcda8
Description:
Fix seg-fault running addr2line on a corrupt binary.
PR binutils/20891
* aoutx.h (find_nearest_line): Handle the case where the main file
name and the directory name are both empty.
Affects: <= 2.29
Author: Nick Clifton <nickc@redhat.com>
(From OE-Core rev: ba01ee6899c8d36e6469f6d02d40866fb0502af9)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Source: git://sourceware.org/git/binutils-gdb.git
MR: 73854, 73827, 73814, 73801, 73775
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: fb23096307f9903872a04edf171d1fd2099e35c5
Description:
Fix address violation errors parsing corrupt binary files.
PR 21813
binutils* rddbg.c (read_symbol_stabs_debugging_info): Check for an empty
string whilst concatenating symbol names.
bfd * mach-o.c (bfd_mach_o_canonicalize_relocs): Pass the base address
of the relocs to the canonicalize_one_reloc routine.
* mach-o.h (struct bfd_mach_o_backend_data): Update the prototype
for the _bfd_mach_o_canonicalize_one_reloc field.
* mach-o-arm.c (bfd_mach_o_arm_canonicalize_one_reloc): Add
res_base parameter. Use to check for corrupt pair relocs.
* mach-o-aarch64.c (bfd_mach_o_arm64_canonicalize_one_reloc):
Likewise.
* mach-o-i386.c (bfd_mach_o_i386_canonicalize_one_reloc):
Likewise.
* mach-o-x86-64.c (bfd_mach_o_x86_64_canonicalize_one_reloc):
Likewise.
* vms-alpha.c (_bfd_vms_slurp_eihd): Make sure that there is
enough data in the record before attempting to parse it.
(_bfd_vms_slurp_eeom): Likewise.
(_bfd_vms_slurp_egsd): Check for an invalid section index.
(image_set_ptr): Likewise.
(alpha_vms_slurp_relocs): Likewise.
Affects: <= 2.29
(From OE-Core rev: 2cc3922462c9dd86f50a419a2a4abb0f3b5b4745)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Source: git://sourceware.org/git/binutils-gdb.git
MR: 73880
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: 6ef7c8e941d7a1c069b29e4671178c0d02427e3f
Description:
Fix use-after-free error when parsing a corrupt nested archive.
PR 21787
* archive.c (bfd_generic_archive_p): If the bfd does not have the
correct magic bytes at the start, set the error to wrong format
and clear the format selector before returning NULL.
Affects: <= 2.29
(From OE-Core rev: 996e7af41b48107bab5eca0ea26f507541382bd5)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This was not working in multilib or x32 setups and amazingly, was not
noticed until now.
The actual modification is in Lib/site.py, the rest is just devtool moving things around in the patch.
(From OE-Core rev: 0713d2a325adf87d97ef5936061ff44274d5a913)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When using multilib configurations either on arm/arm64 and x86/x86-64
python3 failed to execute due to a failure when looking for its
platform independent and dependent libraries.
This patch fixes this issue by assigning lib_python to the appropriate
macro.
[YOCTO #10812]
(From OE-Core rev: 8ef5c0511e51b82eaa45865df42ecbb2deeb7350)
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Jose Lamego <jose.a.lamego@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The upstream init script uses SIGUSR2 to terminate that daemon because
SIGTERM is ignored. As the killproc function does not support specifying
a signal, switch to start-stop-daemon. Drop the retry loop because
SIGUSR2 is lethal for agent.
(From OE-Core rev: 1e6235de0a3f6302cee37332f03b1ba403c789d1)
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If a conffile has been deleted (common when building a debugfs) the status
command will throw errors instead of handling that situation. Stop the code
being executed in the first place if it wasn't asked for, and handle errors
gracefully.
[ YOCTO #10761 ]
(From OE-Core rev: c32bca840d262ebc5ac93b06d0bce79729a178b1)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The Invisible Mirror FTP service is currently down, and FTP is horrible, so
switch to the HTTP mirror.
(From OE-Core rev: f31461f8ea11e82dbe14454a1149d9ec2120404d)
(From OE-Core rev: 4839f039036f3d72f9ef114a37500f9b498101df)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
getentropy/random() is only available in glibc 2.25+ and uninative may relocate
binaries onto systems that don't have this function. For now, force the code to
the older codepaths until we can come up with a better solution for this kind of
issue.
(From OE-Core rev: 92bda0024d85ae78345665cc2f9646c9881ed61b)
(From OE-Core rev: 2dc6ee0c520442418fa14cf3fe12b059209e9ab7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fixes compile failures of qemu-native with new versions of glibc. Patch
is taken from upstream.
(From OE-Core rev: b1b7a46f0febe7ac17ec46ecdf88b4120a7d75c4)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is heavily based on the oe-core master commit with the same
subject, but includes a backport of upstream's fix for the fallthrough
warnings rebased to 0.166 (the oe-core patch which targeted 0.168 did
not apply), a rebase of the format-truncation patch, and a backport of
the upstream format-length patch.
Info from OE-Core master patch follows:
From OE-Core rev: aaf4c4f3d09ac3897205417eb15e19d54e0c0d05
From: Joshua Lock <joshua.g.lock@intel.com>
Backport a fix from upstream for a -Wformat-truncation=2 warning
and implement a simple fix for a -Wimplicit-fallthrough warning.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 3b91be97ae8c36cd6bad86fed992efc9800f4c9e)
Signed-off-by: Cody P Schafer <dev@codyps.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Building gcc-cross-initial with GCC7 on the host fails due to the
comparison of a pointer to an integer in ubsan_use_new_style_p, which
is forbidden by ISO C++:
ubsan.c:1474:23: error: ISO C++ forbids comparison between pointer and
integer [-fpermissive]
|| xloc.file == '\0' || xloc.file[0] == '\xff'
Backport the fix from upstream GCC to enable the build with GCC 7
(From OE-Core rev: 7a7fcbab0365b9501c737dbc02715be14dda72a3)
(From OE-Core rev: ad685600d52b2e8b6f4cdbf46baa9f14b51565dd)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Cody P Schafer <dev@codyps.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
fsck.ext will return an error code of 1 if a file systems was checked
and successfully repaired. Even when an optimization was performed it
will return this error code.
This patch will change the error code to 0 if only optimizations had
changed the file systems.
The reason for this patch is a question I asked at the ext4 ML:
http://www.spinics.net/lists/linux-ext4/msg55700.html
Backport from git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git
Based on commit bf9f3b6d5b10d19218b4ed904c12b22e36ec57dd
(From OE-Core rev: 34ccb6b66162400c3a3164cbdcca02fc1b42c92b)
Signed-off-by: Daniel Schultz <d.schultz@phytec.de>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In git://sourceware.org/git/elfutils.git:
----------------
commit 1700fd25e6caf26663af2bd994d1d99fab9df59f
Author: Mark Wielaard <mark@klomp.org>
Date: Sat Dec 24 22:31:41 2016 +0100
http://elfutils.org/ is now hosted at http://sourceware.org/elfutils/
fedorahosted used to be our home, but we are now hosted at sourceware.
Change the elfutils project home to http://elfutils.org/
Point hosted services (email, release, git, bug tracker and web pages)
to https://sourceware.org/elfutils/
Move design notes from README to NOTES.
Add URLs for home, releases, bugs, git and mailinglist to README.
Make the --version output of all tools the same by using a common
print_version function and update the publicly shown copyright holder
to the elfutils developers.
Signed-off-by: Mark Wielaard <mark@klomp.org>
------------------
Based on a patch from Hongxu Jia <hongxu.jia@windriver.com>
(From OE-Core rev: 4ee8ad29e0eb3584eb8c6e1ba21a5a18d7a59714)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
fedorahosted.org was retired on March 1st, 2017. This is to
update the SRC_URI to point to pagure.io. pagure.io is a
replacement for fedorahosted.
[YOCTO #11226]
(From OE-Core rev: 79ae1e98a7c3fd4c732ea4cd0b3099d4e319a111)
(From OE-Core rev: 6785157e7b30ca112ec5c65487a9e7e65b9dd5de)
Signed-off-by: Choong YinThong <yin.thong.choong@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport upstream commit to address vulnerabilities:
CVE: CVE-2017-6965
[BZ 21137] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21137
Fix readelf writing to illegal addresses whilst processing corrupt input
files containing symbol-difference relocations.
PR binutils/21137
* readelf.c (target_specific_reloc_handling): Add end parameter.
Check for buffer overflow before writing relocated values.
(apply_relocations): Pass end to target_specific_reloc_handling.
CVE: CVE-2017-6966
[BZ 21139] -- https://sourceware.org/bugzilla/show_bug.cgi?id=21139
Fix read-after-free error in readelf when processing multiple, relocated
sections in an MSP430 binary.
PR binutils/21139
* readelf.c (target_specific_reloc_handling): Add num_syms
parameter. Check for symbol table overflow before accessing
symbol value. If reloc pointer is NULL, discard all saved state.
(apply_relocations): Pass num_syms to target_specific_reloc_handling.
Call target_specific_reloc_handling with a NULL reloc pointer
after processing all of the relocs.
(From OE-Core rev: 477afc5634698d6c5cdb6d7705a31d859495695d)
Signed-off-by: Yuanjie Huang <yuanjie.huang@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This reverts commit 87c17b352daa63bc4f62e8802982288ab1839f1b.
Upstream restored the original hashes.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Machines that cloned a while ago will have the commit, but new
deployments won't because it seems the upstream changed/rebased
and the old commit ID has been garbage-collected away. Hence
the fetch fails to check out the named commit ID.
Both the old (gone) commit, and the "new" commit show the same
dates and commit log and point at 5.28, so hopefully this is
the right thing to do. A git diff of the two seems to only show
a blanket uprev of CVS tags and deletion of a couple autogen'd
files, and no real source changes.
(From OE-Core rev: adb71e06768adadda7b69c3b5e81ca3ad67237f4)
Cc: Christos Zoulas <christos@zoulas.com>
(From OE-Core rev: 87c17b352daa63bc4f62e8802982288ab1839f1b)
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add a new %_gpg_sign_cmd_extra_args macro that allows customizing the
gpg options used when signing rpm packages. This is needed to be able to
sign packages with gpg 2.1 which requires "--pinentry-mode loopback" to
allow non-interactive signing.
[YOCTO #11054]
(From OE-Core rev: 5cbba2c4016ad84a54f83531868aa6e66eef468e)
Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
(cherry picked from commit 373a7146d596d27376a003014df0d06f3df5348d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Without doing this, locale data is not written
into usr/src/locale.
We could also just use MKDIR_P instead of mkdir_p.
(From OE-Core rev: 6a767f6587a9d60e21fa1d9687c7c08efe3f89ab)
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The imp python module is the forerunner of importlib. Include imp in
the importlib subpackage instead of the misc subpackage so that it can
be depended on without bringing in a bunch of unrelated, unused modules.
(Slightly modified backport of afd9de380d
by George McCollister <george.mccollister@gmail.com>)
[YOCTO#11134]
(From OE-Core rev: 65f6010346c08bf90f381a2d834dd9908ba2100c)
Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Add missing dependency on nativesdk-python3-importlib so the imp Python
module is installed.
Before this patch, running gdb from the sdk would give the following
error:
Python Exception <class 'ImportError'> No module named 'imp':
(From OE-Core rev: ad00a31fbe93e073a2d83616efcd08c5a7ef37c9)
(From OE-Core rev: d6e7dc5cbf1cc09c8882a717cd4dd34d10ec7fa3)
Signed-off-by: George McCollister <george.mccollister@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
nativesdk-libgcc doesn't need a symlink into the target space and if we do this
sstate installation of the recipe can fail depending on whether it races with
the cross-canadian toolchains.
(From OE-Core rev: b2c1e1fe4221862e0dbf5d08960f0d0228e47c72)
(From OE-Core rev: 62012e81c6f7aaad5d9c5e8bec2e2417433572e3)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
