mirror of
https://git.yoctoproject.org/poky
synced 2026-02-09 18:23:02 +01:00
e5c011b041
The currnet patches in OE-core doesn't have the "CVE:" tag, now part of the policy of the patches. This is patch add this tag to several patches. There might be patches that I miss; the tag can be added in the future. (From OE-Core rev: 065ebeb3e15311d0d45385e15bf557b1c95b1669) Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
38 lines
961 B
Diff
38 lines
961 B
Diff
From 323ca04a0c9189544075c19b49da67f6443a8950 Mon Sep 17 00:00:00 2001
|
|
From: Li xin <lixin.fnst@cn.fujitsu.com>
|
|
Date: Wed, 21 Jan 2015 09:33:38 +0900
|
|
Subject: [PATCH] elf_begin.c: CVE-2014-9447 fix
|
|
|
|
this patch is from:
|
|
https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e
|
|
|
|
Upstream-Status: Backport
|
|
CVE: CVE-2014-9447
|
|
|
|
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
|
|
---
|
|
libelf/elf_begin.c | 7 ++-----
|
|
1 file changed, 2 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c
|
|
index e46add3..e83ba35 100644
|
|
--- a/libelf/elf_begin.c
|
|
+++ b/libelf/elf_begin.c
|
|
@@ -736,11 +736,8 @@ read_long_names (Elf *elf)
|
|
break;
|
|
|
|
/* NUL-terminate the string. */
|
|
- *runp = '\0';
|
|
-
|
|
- /* Skip the NUL byte and the \012. */
|
|
- runp += 2;
|
|
-
|
|
+ *runp++ = '\0';
|
|
+
|
|
/* A sanity check. Somebody might have generated invalid
|
|
archive. */
|
|
if (runp >= newp + len)
|
|
--
|
|
1.8.4.2
|
|
|