binutils fix an illegal memory access when parsing an elf file containing corrupt symbol version information

Resolves: #2164700

binutils-memory-access-when-parsing-an-elf-file.patch

@@ -0,0 +1,11 @@
+--- binutils.orig/bfd/elf.c	2023-04-28 12:54:08.090737942 +0100
++++ binutils-2.30/bfd/elf.c	2023-04-28 12:53:28.602795763 +0100
+@@ -8398,6 +8398,8 @@ error_return_verref:
+ 	  || bfd_bread (contents, hdr->sh_size, abfd) != hdr->sh_size)
+ 	goto error_return_verref;
+ 
++      if (hdr->sh_info == 0)
++	goto error_return_verref;
+       elf_tdata (abfd)->verref = (Elf_Internal_Verneed *)
+ 	bfd_alloc2 (abfd, hdr->sh_info, sizeof (Elf_Internal_Verneed));
+ 

binutils.spec

@@ -43,7 +43,7 @@
 Summary: A GNU collection of binary utilities
 Name: binutils%{?name_cross}%{?_with_debug:-debug}
 Version: 2.30
-Release: 120%{?dist}
+Release: 121%{?dist}
 License: GPLv3+
 URL: https://sourceware.org/binutils
 
@@ -631,6 +631,9 @@ Patch101: binutils-coffgen-buffer-overrun.patch
 # Lifetime: Fixed in 2.35
 Patch102: binutils-plugin-search.patch
 
+# Purpose:  Fix an illegal memory access when parsing an elf file containing corrupt symbol version information
+# Lifetime: 2.39 
+Patch103: binutils-memory-access-when-parsing-an-elf-file.patch
 #----------------------------------------------------------------------------
 
 Provides: bundled(libiberty)
@@ -870,6 +873,7 @@ using libelf instead of BFD.
 %patch100 -p1
 %patch101 -p1
 %patch102 -p1
+%patch103 -p1
 
 # We cannot run autotools as there is an exact requirement of autoconf-2.59.
 # FIXME - this is no longer true.  Maybe try reinstating autotool use ?
@@ -1319,6 +1323,9 @@ exit 0
 
 #----------------------------------------------------------------------------
 %changelog
+* Fri Apr 28 2023 Yara Ahmad  <yahmad@redhat.com> - 2.30-121
+- Fix an illegal memory access when parsing an ELF file containing corrupt symbol version information.  (#2164700) 
+
 * Mon Mar 20 2023 Nick Clifton  <nickc@redhat.com> - 2.30-120
 - Restore tests/ sub-directory and use correct sources.  (#2178963)