Files
poky/meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch
Khem Raj 798f11f079 binutils: Upgrade to latest on 2.31 release branch
* Append minor version to PV so recipe checker is happy
* Drop upstreamed patches
* Remove changelog from CVE patches, they dont apply and are in patch
  log anyway

(From OE-Core rev: 550085bc092d773c8c481e238d0d3210466166dc)

(From OE-Core rev: 27b9008618fa981d12424eecbff9bbf113b735f7)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-02-06 16:38:31 +00:00

30 lines
849 B
Diff

From ab419ddbb2cdd17ca83618990f2cacf904ce1d61 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Tue, 23 Oct 2018 18:29:24 +1030
Subject: [PATCH] PR23804, buffer overflow in sec_merge_hash_lookup
PR 23804
* merge.c (_bfd_add_merge_section): Don't attempt to merge
sections where size is not a multiple of entsize.
Upstream-Status: Backport
CVE: CVE-2018-18605
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
---
bfd/ChangeLog | 6 ++++++
bfd/merge.c | 3 +++
2 files changed, 9 insertions(+)
--- a/bfd/merge.c
+++ b/bfd/merge.c
@@ -376,6 +376,9 @@ _bfd_add_merge_section (bfd *abfd, void
|| sec->entsize == 0)
return TRUE;
+ if (sec->size % sec->entsize != 0)
+ return TRUE;
+
if ((sec->flags & SEC_RELOC) != 0)
{
/* We aren't prepared to handle relocations in merged sections. */