mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-25 19:09:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
b115d25ec64e5251525cfe35bb1f7368acf12d85
poky/meta/recipes-devtools/binutils/binutils/CVE-2018-18607.patch
Zhixiong Chi b9feb4e46b binutils: fix four CVE issues 
Backport the CVE patches from the binutils upstream.

(From OE-Core rev: 84bb9c0514ecbd7c31935c22062b18b4aaefbef1)

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-11-09 15:27:34 +00:00

78 lines
2.5 KiB
Diff
Raw Blame History

From 102def4da826b3d9e169741421e5e67e8731909a Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Tue, 23 Oct 2018 18:30:22 +1030
Subject: [PATCH] PR23805, NULL pointer dereference in elf_link_input_bfd
PR 23805
* elflink.c (elf_link_input_bfd): Don't segfault on finding
STT_TLS symbols without any TLS sections. Instead, change the
symbol type to STT_NOTYPE.
Upstream-Status: Backport
CVE: CVE-2018-18606
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
---
bfd/ChangeLog | 7 +++++++
bfd/elflink.c | 20 ++++++++++++++------
2 files changed, 21 insertions(+), 6 deletions(-)
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index da423b1..1f3fc1c 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,5 +1,12 @@
2018-10-23 Alan Modra <amodra@gmail.com>
+ PR 23805
+ * elflink.c (elf_link_input_bfd): Don't segfault on finding
+ STT_TLS symbols without any TLS sections. Instead, change the
+ symbol type to STT_NOTYPE.
+
+2018-10-23 Alan Modra <amodra@gmail.com>
+
PR 23806
* merge.c (_bfd_add_merge_section): Don't attempt to merge
sections with ridiculously large alignments.
diff --git a/bfd/elflink.c b/bfd/elflink.c
index c3876cb..87440db 100644
--- a/bfd/elflink.c
+++ b/bfd/elflink.c
@@ -10489,8 +10489,11 @@ elf_link_input_bfd (struct elf_final_link_info *flinfo, bfd *input_bfd)
if (ELF_ST_TYPE (osym.st_info) == STT_TLS)
{
/* STT_TLS symbols are relative to PT_TLS segment base. */
- BFD_ASSERT (elf_hash_table (flinfo->info)->tls_sec != NULL);
- osym.st_value -= elf_hash_table (flinfo->info)->tls_sec->vma;
+ if (elf_hash_table (flinfo->info)->tls_sec != NULL)
+ osym.st_value -= elf_hash_table (flinfo->info)->tls_sec->vma;
+ else
+ osym.st_info = ELF_ST_INFO (ELF_ST_BIND (osym.st_info),
+ STT_NOTYPE);
}
}
@@ -11046,12 +11049,17 @@ elf_link_input_bfd (struct elf_final_link_info *flinfo, bfd *input_bfd)
sym.st_value += osec->vma;
if (ELF_ST_TYPE (sym.st_info) == STT_TLS)
{
+ struct elf_link_hash_table *htab
+ = elf_hash_table (flinfo->info);
+
/* STT_TLS symbols are relative to PT_TLS
segment base. */
- BFD_ASSERT (elf_hash_table (flinfo->info)
- ->tls_sec != NULL);
- sym.st_value -= (elf_hash_table (flinfo->info)
- ->tls_sec->vma);
+ if (htab->tls_sec != NULL)
+ sym.st_value -= htab->tls_sec->vma;
+ else
+ sym.st_info
+ = ELF_ST_INFO (ELF_ST_BIND (sym.st_info),
+ STT_NOTYPE);
}
}
--
2.9.3
Reference in New Issue View Git Blame Copy Permalink