rpm/binutils
SHA256
1
0
Fork 0
forked from pool/binutils
Code Pull Requests Activity

- Add binutils-pr29482.diff for PR29482, aka CVE-2022-38533

Browse Source 
[bsc#1202816]

OBS-URL: https://build.opensuse.org/package/show/devel:gcc/binutils?expand=0&rev=417
This commit is contained in:
Michael Matz 2022-08-26 13:26:14 +00:00 committed by Git OBS Bridge
parent dadfa067bf
commit df4986e3dc
3 changed files with 41 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
binutils-pr29482.diff Normal file
View File

@ -0,0 +1,33 @@
PR29482 aka CVE-2022-38533
From ef186fe54aa6d281a3ff8a9528417e5cc614c797 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Sat, 13 Aug 2022 15:32:47 +0930
Subject: [PATCH 1/1] PR29482 - strip: heap-buffer-overflow
PR 29482
* coffcode.h (coff_set_section_contents): Sanity check _LIB.
---
bfd/coffcode.h | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
Index: binutils-2.39/bfd/coffcode.h
===================================================================
--- binutils-2.39.orig/bfd/coffcode.h 2022-07-08 11:46:47.000000000 +0200
+++ binutils-2.39/bfd/coffcode.h 2022-08-26 15:23:58.749610670 +0200
@@ -4284,10 +4284,13 @@ coff_set_section_contents (bfd * abfd,
rec = (bfd_byte *) location;
recend = rec + count;
- while (rec < recend)
+ while (recend - rec >= 4)
{
+ size_t len = bfd_get_32 (abfd, rec);
+ if (len == 0 || len > (size_t) (recend - rec) / 4)
+ break;
+ rec += len * 4;
++section->lma;
- rec += bfd_get_32 (abfd, rec) * 4;
}
BFD_ASSERT (rec == recend);

6
binutils.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Fri Aug 26 13:24:35 UTC 2022 - Michael Matz <matz@suse.com>
- Add binutils-pr29482.diff for PR29482, aka CVE-2022-38533
[bsc#1202816]
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Aug 10 09:04:57 UTC 2022 - Martin Liška <mliska@suse.cz> Wed Aug 10 09:04:57 UTC 2022 - Martin Liška <mliska@suse.cz>

2
binutils.spec
View File

@ -138,6 +138,7 @@ Patch40: binutils-fix-abierrormsg.diff
Patch41: binutils-fix-relax.diff Patch41: binutils-fix-relax.diff
Patch42: binutils-compat-old-behaviour.diff Patch42: binutils-compat-old-behaviour.diff
Patch43: binutils-revert-hlasm-insns.diff Patch43: binutils-revert-hlasm-insns.diff
Patch44: binutils-pr29482.diff
Patch100: add-ulp-section.diff Patch100: add-ulp-section.diff
Patch90: cross-avr-nesc-as.patch Patch90: cross-avr-nesc-as.patch
Patch92: cross-avr-omit_section_dynsym.patch Patch92: cross-avr-omit_section_dynsym.patch
@ -260,6 +261,7 @@ cp ld/ldgram.y ld/ldgram.y.orig
%patch42 -p1 %patch42 -p1
%patch43 -p1 %patch43 -p1
%endif %endif
%patch44 -p1
%patch100 -p1 %patch100 -p1
%if "%{TARGET}" == "avr" %if "%{TARGET}" == "avr"
cp gas/config/tc-avr.h gas/config/tc-avr-nesc.h cp gas/config/tc-avr.h gas/config/tc-avr-nesc.h