poky/meta/recipes-devtools/elfutils/files/CVE-2025-1372.patch

From 73db9d2021cab9e23fd734b0a76a612d52a6f1db Mon Sep 17 00:00:00 2001
From: Mark Wielaard <mark@klomp.org>
Date: Sun, 9 Feb 2025 00:07:39 +0100
Subject: [PATCH] readelf: Skip trying to uncompress sections without a name

When combining eu-readelf -z with -x or -p to dump the data or strings
in an (corrupted ELF) unnamed numbered section eu-readelf could crash
trying to check whether the section name starts with .zdebug. Fix this
by skipping sections without a name.

   * src/readelf.c (dump_data_section): Don't try to gnu decompress a
   section without a name.
   (print_string_section): Likewise.

https://sourceware.org/bugzilla/show_bug.cgi?id=32656

Signed-off-by: Mark Wielaard <mark@klomp.org> 

Upstream-Status: Backport [https://sourceware.org/git/?p=elfutils.git;a=commit;h=73db9d2021cab9e23fd734b0a76a612d52a6f1db]
CVE: CVE-2025-1372
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
 src/readelf.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/readelf.c b/src/readelf.c
index 256165d..48eee26 100644
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -12719,7 +12719,7 @@ dump_data_section (Elf_Scn *scn, const GElf_Shdr *shdr, const char *name)
 			_("Couldn't uncompress section"),
 			elf_ndxscn (scn));
 	    }
-	  else if (startswith (name, ".zdebug"))
+	  else if (name && startswith (name, ".zdebug"))
 	    {
 	      if (elf_compress_gnu (scn, 0, 0) < 0)
 		printf ("WARNING: %s [%zd]\n",
@@ -12770,7 +12770,7 @@ print_string_section (Elf_Scn *scn, const GElf_Shdr *shdr, const char *name)
 			_("Couldn't uncompress section"),
 			elf_ndxscn (scn));
 	    }
-	  else if (startswith (name, ".zdebug"))
+	  else if (name && startswith (name, ".zdebug"))
 	    {
 	      if (elf_compress_gnu (scn, 0, 0) < 0)
 		printf ("WARNING: %s [%zd]\n",
-- 
2.25.1