Thiruvadi Rajaraman b5e7f89850 binutils: CVE-2017-8398 ...

Source: git://sourceware.org/git/binutils-gdb.git
MR: 74127
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 410078b468de6dc1c908342283a6abe5bdf38d54
Description:

Fix heap-buffer overflow bugs caused when dumping debug information from a corrupt binary.

  PR binutils/21438
     * dwarf.c (process_extended_line_op): Do not assume that the
       string extracted from the section is NUL terminated.
       (fetch_indirect_string): If the string retrieved from the section
       is not NUL terminated, return an error message.
       (fetch_indirect_line_string): Likewise.
       (fetch_indexed_string): Likewise.

Affects: <= 2.29

Author: Nick Clifton <nickc@redhat.com>
(From OE-Core rev: 1e19e656a97caf61f26ab4f52339b9413d3bb29f)

Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2018-01-07 17:10:08 +00:00

..

binutils

binutils: CVE-2017-8398

2018-01-07 17:10:08 +00:00

binutils_2.27.bb

binutils: Bump to 2.27

2016-08-10 10:46:28 +01:00

binutils-2.27.inc

binutils: CVE-2017-8398

2018-01-07 17:10:08 +00:00

binutils-cross_2.27.bb

binutils: Bump to 2.27

2016-08-10 10:46:28 +01:00

binutils-cross-canadian_2.27.bb

binutils: Bump to 2.27

2016-08-10 10:46:28 +01:00

binutils-cross-canadian.inc

binutils-cross-canadian: Explicitly DEPEND on nativesdk-flex, we require it anyway

2014-07-25 15:33:58 +01:00

binutils-cross.inc

binutils/gcc/gdb: Add TARGET_ARCH to PN for all cross recipes

2014-04-30 16:39:06 +01:00

binutils-crosssdk_2.27.bb

SDK: Allow changing SDKMACHINE without wiping TMP folder

2016-09-28 10:16:03 +01:00

binutils.inc

binutils: Bump to 2.27

2016-08-10 10:46:28 +01:00