poky/meta/recipes-devtools/binutils/binutils/CVE-2017-15023.patch

From c361faae8d964db951b7100cada4dcdc983df1bf Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Mon, 25 Sep 2017 19:03:46 +0930
Subject: [PATCH] PR22200, DWARF5 .debug_line sanity check

The format_count entry can't be zero unless the count is also zero.

	PR 22200
	* dwarf2.c (read_formatted_entries): Error on format_count zero.

Upstream-Status: Backport
Affects: <= 2.29.1
CVE: CVE-2017-15023
Signed-off-by: Armin Kuster <akuster@mvista.com>

---
 bfd/ChangeLog | 5 +++++
 bfd/dwarf2.c  | 7 +++++++
 2 files changed, 12 insertions(+)

Index: git/bfd/dwarf2.c
===================================================================
--- git.orig/bfd/dwarf2.c
+++ git/bfd/dwarf2.c
@@ -1934,6 +1934,13 @@ read_formatted_entries (struct comp_unit
   data_count = _bfd_safe_read_leb128 (abfd, buf, &bytes_read, FALSE, buf_end);
   buf += bytes_read;
 
+  if (format_count == 0 && data_count != 0)
+    {
+      _bfd_error_handler (_("Dwarf Error: Zero format count."));
+      bfd_set_error (bfd_error_bad_value);
+      return FALSE;
+    }
+
   /* PR 22210.  Paranoia check.  Don't bother running the loop
      if we know that we are going to run out of buffer.  */
   if (data_count > (bfd_vma) (buf_end - buf))
Index: git/bfd/ChangeLog
===================================================================
--- git.orig/bfd/ChangeLog
+++ git/bfd/ChangeLog
@@ -1,4 +1,9 @@
 2017-09-25  Alan Modra  <amodra@gmail.com>
+
+       PR 22200
+       * dwarf2.c (read_formatted_entries): Error on format_count zero.
+
+2017-09-25  Alan Modra  <amodra@gmail.com>
  
        PR 22201
        * dwarf2.c (scan_unit_for_symbols): Ignore DW_AT_name unless it