Files
poky/meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8484.patch
Armin Kuster 6dde745bf9 binutils: several security fixes
CVE-2014-8484
CVE-2014-8485
CVE-2014-8501
CVE-2014-8502
CVE-2014-8503
CVE-2014-8504
CVE-2014-8737

and one supporting patch.

[Yocto # 7084]

(From OE-Core rev: 859fb4d9ec6974be9ce755e4ffefd9b199f3604c)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-12-27 22:53:40 +00:00

68 lines
1.9 KiB
Diff

Upstream-Status: Backport
CVE-2014-8484 fix.
[YOCTO #7084]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
From bd25671c6f202c4a5108883caa2adb24ff6f361f Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Fri, 29 Aug 2014 10:36:29 +0930
Subject: [PATCH] Report an error for S-records with less than the miniumum
size
* srec.c (srec_scan): Revert last change. Report an error for
S-records with less than the miniumum byte count.
---
bfd/ChangeLog | 5 +++++
bfd/srec.c | 18 +++++++++++++++---
2 files changed, 20 insertions(+), 3 deletions(-)
Index: binutils-2.24/bfd/srec.c
===================================================================
--- binutils-2.24.orig/bfd/srec.c
+++ binutils-2.24/bfd/srec.c
@@ -455,7 +455,7 @@ srec_scan (bfd *abfd)
{
file_ptr pos;
char hdr[3];
- unsigned int bytes;
+ unsigned int bytes, min_bytes;
bfd_vma address;
bfd_byte *data;
unsigned char check_sum;
@@ -478,6 +478,19 @@ srec_scan (bfd *abfd)
}
check_sum = bytes = HEX (hdr + 1);
+ min_bytes = 3;
+ if (hdr[0] == '2' || hdr[0] == '8')
+ min_bytes = 4;
+ else if (hdr[0] == '3' || hdr[0] == '7')
+ min_bytes = 5;
+ if (bytes < min_bytes)
+ {
+ (*_bfd_error_handler) (_("%B:%d: byte count %d too small\n"),
+ abfd, lineno, bytes);
+ bfd_set_error (bfd_error_bad_value);
+ goto error_return;
+ }
+
if (bytes * 2 > bufsize)
{
if (buf != NULL)
Index: binutils-2.24/bfd/ChangeLog
===================================================================
--- binutils-2.24.orig/bfd/ChangeLog
+++ binutils-2.24/bfd/ChangeLog
@@ -1,3 +1,8 @@
+2014-08-29 Alan Modra <amodra@gmail.com>
+
+ * srec.c (srec_scan): Revert last change. Report an error for
+ S-records with less than the miniumum byte count.
+
2013-12-02 Tristan Gingold <gingold@adacore.com>
* configure.in: Bump version to 2.24