Source: git://sourceware.org/git/binutils-gdb.git
MR: 74127
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 410078b468de6dc1c908342283a6abe5bdf38d54
Description:
Fix heap-buffer overflow bugs caused when dumping debug information from a corrupt binary.
PR binutils/21438
* dwarf.c (process_extended_line_op): Do not assume that the
string extracted from the section is NUL terminated.
(fetch_indirect_string): If the string retrieved from the section
is not NUL terminated, return an error message.
(fetch_indirect_line_string): Likewise.
(fetch_indexed_string): Likewise.
Affects: <= 2.29
Author: Nick Clifton <nickc@redhat.com>
(From OE-Core rev: 1e19e656a97caf61f26ab4f52339b9413d3bb29f)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74140
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 5f6dd48c427de8663c5a80af6db44ce5c579d42c
Description:
Prevent memory exhaustion from a corrupt PE binary with an overlarge number of relocs.
PR 21440
* objdump.c (dump_relocs_in_section): Check for an excessive
number of relocs before attempting to dump them.
Affects: <= 2.29
Author: Alan Modra <amodra@gmail.com>
(From OE-Core rev: 09c642a70e2a12dcc01ffe45c333011a142c02a7)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74179
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 976156cd25454143883090ca42010c38c6d6af0f
Description:
PR 21412, get_reloc_section assumes .rel/.rela name for SHT_REL/RELA.
This patch fixes an assumption made by code that runs for objcopy and
strip, that SHT_REL/SHR_RELA sections are always named starting with a
.rel/.rela prefix. I'm also modifying the interface for
elf_backend_get_reloc_section, so any backend function just needs to
handle name mapping.
Affects: <= 2.29
Author: Alan Modra <amodra@gmail.com>
(From OE-Core rev: 24124406a2a1657b80ba2933bef40ccf798c8097)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74296
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: d2cf3ab15c89351c941c92e4cdf28c2bfa9dcda8
Description:
Fix seg-fault running addr2line on a corrupt binary.
PR binutils/20891
* aoutx.h (find_nearest_line): Handle the case where the main file
name and the directory name are both empty.
Affects: <= 2.29
Author: Nick Clifton <nickc@redhat.com>
(From OE-Core rev: ba01ee6899c8d36e6469f6d02d40866fb0502af9)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Source: git://sourceware.org/git/binutils-gdb.git
MR: 73854, 73827, 73814, 73801, 73775
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: fb23096307f9903872a04edf171d1fd2099e35c5
Description:
Fix address violation errors parsing corrupt binary files.
PR 21813
binutils* rddbg.c (read_symbol_stabs_debugging_info): Check for an empty
string whilst concatenating symbol names.
bfd * mach-o.c (bfd_mach_o_canonicalize_relocs): Pass the base address
of the relocs to the canonicalize_one_reloc routine.
* mach-o.h (struct bfd_mach_o_backend_data): Update the prototype
for the _bfd_mach_o_canonicalize_one_reloc field.
* mach-o-arm.c (bfd_mach_o_arm_canonicalize_one_reloc): Add
res_base parameter. Use to check for corrupt pair relocs.
* mach-o-aarch64.c (bfd_mach_o_arm64_canonicalize_one_reloc):
Likewise.
* mach-o-i386.c (bfd_mach_o_i386_canonicalize_one_reloc):
Likewise.
* mach-o-x86-64.c (bfd_mach_o_x86_64_canonicalize_one_reloc):
Likewise.
* vms-alpha.c (_bfd_vms_slurp_eihd): Make sure that there is
enough data in the record before attempting to parse it.
(_bfd_vms_slurp_eeom): Likewise.
(_bfd_vms_slurp_egsd): Check for an invalid section index.
(image_set_ptr): Likewise.
(alpha_vms_slurp_relocs): Likewise.
Affects: <= 2.29
(From OE-Core rev: 2cc3922462c9dd86f50a419a2a4abb0f3b5b4745)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Source: git://sourceware.org/git/binutils-gdb.git
MR: 73880
Type: Security Fix
Disposition: Backport from binutils-2_29-branch
ChangeID: 6ef7c8e941d7a1c069b29e4671178c0d02427e3f
Description:
Fix use-after-free error when parsing a corrupt nested archive.
PR 21787
* archive.c (bfd_generic_archive_p): If the bfd does not have the
correct magic bytes at the start, set the error to wrong format
and clear the format selector before returning NULL.
Affects: <= 2.29
(From OE-Core rev: 996e7af41b48107bab5eca0ea26f507541382bd5)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This was not working in multilib or x32 setups and amazingly, was not
noticed until now.
The actual modification is in Lib/site.py, the rest is just devtool moving things around in the patch.
(From OE-Core rev: 0713d2a325adf87d97ef5936061ff44274d5a913)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When using multilib configurations either on arm/arm64 and x86/x86-64
python3 failed to execute due to a failure when looking for its
platform independent and dependent libraries.
This patch fixes this issue by assigning lib_python to the appropriate
macro.
[YOCTO #10812]
(From OE-Core rev: 8ef5c0511e51b82eaa45865df42ecbb2deeb7350)
Signed-off-by: Alejandro Hernandez <alejandro.hernandez@linux.intel.com>
Signed-off-by: Jose Lamego <jose.a.lamego@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The upstream init script uses SIGUSR2 to terminate that daemon because
SIGTERM is ignored. As the killproc function does not support specifying
a signal, switch to start-stop-daemon. Drop the retry loop because
SIGUSR2 is lethal for agent.
(From OE-Core rev: 1e6235de0a3f6302cee37332f03b1ba403c789d1)
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If a conffile has been deleted (common when building a debugfs) the status
command will throw errors instead of handling that situation. Stop the code
being executed in the first place if it wasn't asked for, and handle errors
gracefully.
[ YOCTO #10761 ]
(From OE-Core rev: c32bca840d262ebc5ac93b06d0bce79729a178b1)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The Invisible Mirror FTP service is currently down, and FTP is horrible, so
switch to the HTTP mirror.
(From OE-Core rev: f31461f8ea11e82dbe14454a1149d9ec2120404d)
(From OE-Core rev: 4839f039036f3d72f9ef114a37500f9b498101df)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
getentropy/random() is only available in glibc 2.25+ and uninative may relocate
binaries onto systems that don't have this function. For now, force the code to
the older codepaths until we can come up with a better solution for this kind of
issue.
(From OE-Core rev: 92bda0024d85ae78345665cc2f9646c9881ed61b)
(From OE-Core rev: 2dc6ee0c520442418fa14cf3fe12b059209e9ab7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This fixes compile failures of qemu-native with new versions of glibc. Patch
is taken from upstream.
(From OE-Core rev: b1b7a46f0febe7ac17ec46ecdf88b4120a7d75c4)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is heavily based on the oe-core master commit with the same
subject, but includes a backport of upstream's fix for the fallthrough
warnings rebased to 0.166 (the oe-core patch which targeted 0.168 did
not apply), a rebase of the format-truncation patch, and a backport of
the upstream format-length patch.
Info from OE-Core master patch follows:
From OE-Core rev: aaf4c4f3d09ac3897205417eb15e19d54e0c0d05
From: Joshua Lock <joshua.g.lock@intel.com>
Backport a fix from upstream for a -Wformat-truncation=2 warning
and implement a simple fix for a -Wimplicit-fallthrough warning.
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 3b91be97ae8c36cd6bad86fed992efc9800f4c9e)
Signed-off-by: Cody P Schafer <dev@codyps.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Building gcc-cross-initial with GCC7 on the host fails due to the
comparison of a pointer to an integer in ubsan_use_new_style_p, which
is forbidden by ISO C++:
ubsan.c:1474:23: error: ISO C++ forbids comparison between pointer and
integer [-fpermissive]
|| xloc.file == '\0' || xloc.file[0] == '\xff'
Backport the fix from upstream GCC to enable the build with GCC 7
(From OE-Core rev: 7a7fcbab0365b9501c737dbc02715be14dda72a3)
(From OE-Core rev: ad685600d52b2e8b6f4cdbf46baa9f14b51565dd)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Cody P Schafer <dev@codyps.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
