mirror of
https://git.yoctoproject.org/poky
synced 2026-02-10 18:53:13 +01:00
86c77aca5b
Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9447 (From OE-Core rev: c992868a989926eac6c4b78a6bb9729bce54f2ed) Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
37 lines
942 B
Diff
37 lines
942 B
Diff
From 323ca04a0c9189544075c19b49da67f6443a8950 Mon Sep 17 00:00:00 2001
|
|
From: Li xin <lixin.fnst@cn.fujitsu.com>
|
|
Date: Wed, 21 Jan 2015 09:33:38 +0900
|
|
Subject: [PATCH] elf_begin.c: CVE-2014-9447 fix
|
|
|
|
this patch is from:
|
|
https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e
|
|
|
|
Upstream-Status: Backport
|
|
|
|
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
|
|
---
|
|
libelf/elf_begin.c | 7 ++-----
|
|
1 file changed, 2 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c
|
|
index e46add3..e83ba35 100644
|
|
--- a/libelf/elf_begin.c
|
|
+++ b/libelf/elf_begin.c
|
|
@@ -736,11 +736,8 @@ read_long_names (Elf *elf)
|
|
break;
|
|
|
|
/* NUL-terminate the string. */
|
|
- *runp = '\0';
|
|
-
|
|
- /* Skip the NUL byte and the \012. */
|
|
- runp += 2;
|
|
-
|
|
+ *runp++ = '\0';
|
|
+
|
|
/* A sanity check. Somebody might have generated invalid
|
|
archive. */
|
|
if (runp >= newp + len)
|
|
--
|
|
1.8.4.2
|
|
|