Stop GOLD from seg-faulting on a corrupt input with a fuzzed section offset.
Resolves: #1735605
parent
9dc3a9d58c
commit
1f0862a7b6
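--- /dev/null
+++ b/binutils-CVE-2019-1010204.patch
@@ -0,0 +1,15 @@
+--- binutils.orig/gold/fileread.cc 2019-08-06 14:22:08.669313110 +0100
++++ binutils-2.32/gold/fileread.cc 2019-08-06 14:22:28.799177543 +0100
+@@ -381,6 +381,12 @@ File_read::do_read(off_t start, section_
+ssize_t bytes;
+if (this->whole_file_view_ != NULL)
+{
++ // See PR 23765 for an example of a testcase that triggers this error.
++ if (((ssize_t) start) < 0)
++ gold_fatal(_("%s: read failed, starting offset (%#llx) less than zero"),
++ this->filename().c_str(),
++ static_cast<long long>(start));
++
+bytes = this->size_ - start;
+if (static_cast<section_size_type>(bytes) >= size)
+{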
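Review bot: The added guard in the `whole_file_view_` branch rejects only a negative `start`, so an offset larger than `this->size_` still makes `bytes = this->size_ - start` negative, and the following `static_cast<section_size_type>(bytes) >= size` would then compare a very large unsigned value and pass. Bounding both ends, e.g. `if (start < 0 || start > this->size_)`, would cover that case; this assumes `size_` is a signed file size comparable with `off_t`, which the hunk does not show. The C-style `(ssize_t) start` cast can also narrow where `off_t` is wider than `ssize_t`, so testing the `off_t` directly (`start < 0`) is safer than testing the truncated value. `File_read::do_read` begins and ends outside the hunk, so what consumes `bytes` after the comparison is not visible here.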
@ -2,7 +2,7 @@
|
||||
Summary: A GNU collection of binary utilities
|
||||
Name: %{?cross}binutils%{?_with_debug:-debug}
|
||||
Version: 2.32
|
||||
Release: 21%{?dist}
|
||||
Release: 22%{?dist}
|
||||
License: GPLv3+
|
||||
URL: https://sourceware.org/binutils
|
||||
|
||||
@ -243,6 +243,11 @@ Patch25: binutils-rh1736114.patch
|
||||
# Lifetime: Fixed in 2.33
|
||||
Patch26: binutils-objcopy-gnu-build-version-notes.patch
|
||||
|
||||
# Purpose: Add a check to the GOLD linker for a corrupt input file
|
||||
# with a fuzzed section offset.
|
||||
# Lifetime: Fixed in 2.33
|
||||
Patch27: binutils-CVE-2019-1010204.patch
|
||||
|
||||
#----------------------------------------------------------------------------
|
||||
|
||||
Provides: bundled(libiberty)
|
||||
@ -395,6 +400,7 @@ Conflicts: gcc-c++ < 4.0.0
|
||||
%patch24 -p1
|
||||
%patch25 -p1
|
||||
%patch26 -p1
|
||||
%patch27 -p1
|
||||
|
||||
# We cannot run autotools as there is an exact requirement of autoconf-2.59.
|
||||
# FIXME - this is no longer true. Maybe try reinstating autotool use ?
|
||||
@ -791,6 +797,9 @@ exit 0
|
||||
|
||||
#----------------------------------------------------------------------------
|
||||
%changelog
|
||||
* Tue Aug 06 2019 Nick Clifton <nickc@redhat.com> - 2.32-22
|
||||
- Stop GOLD from seg-faulting on a corrupt input with a fuzzed section offset. (#1735605)
|
||||
|
||||
* Mon Aug 05 2019 Nick Clifton <nickc@redhat.com> - 2.32-21
|
||||
- Stop strip from complaining if the first build note is not a version note. (#1736114)
|
||||
|
||||
|