rpms/binutils
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix a potential seg-fault when dumping a corrupt ELF format file.

Browse Source 
Resolves: #2174205
This commit is contained in:
Nick Clifton 2023-03-03 12:17:46 +00:00
parent 2631b782d0
commit 334b3c811a
2 changed files with 43 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
binutils-CVE-2023-25587.patch Normal file
View File

@ -0,0 +1,34 @@
--- binutils.orig/binutils/objdump.c 2023-03-03 11:37:39.209614222 +0000
+++ binutils-2.35.2/binutils/objdump.c 2023-03-03 11:39:45.492428807 +0000
@@ -1090,20 +1090,19 @@ compare_symbols (const void *ap, const v
return 1;
}
- if (bfd_get_flavour (bfd_asymbol_bfd (a)) == bfd_target_elf_flavour
+ /* Sort larger size ELF symbols before smaller. See PR20337. */
+ bfd_vma asz = 0;
+ if ((a->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0
+ && bfd_get_flavour (bfd_asymbol_bfd (a)) == bfd_target_elf_flavour)
+ asz = ((elf_symbol_type *) a)->internal_elf_sym.st_size;
+
+ bfd_vma bsz = 0;
+ if ((b->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0
&& bfd_get_flavour (bfd_asymbol_bfd (b)) == bfd_target_elf_flavour)
- {
- bfd_vma asz, bsz;
+ bsz = ((elf_symbol_type *) b)->internal_elf_sym.st_size;
- asz = 0;
- if ((a->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0)
- asz = ((elf_symbol_type *) a)->internal_elf_sym.st_size;
- bsz = 0;
- if ((b->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0)
- bsz = ((elf_symbol_type *) b)->internal_elf_sym.st_size;
- if (asz != bsz)
- return asz > bsz ? -1 : 1;
- }
+ if (asz != bsz)
+ return asz > bsz ? -1 : 1;
/* Symbols that start with '.' might be section names, so sort them
after symbols that don't start with '.'. */

10
binutils.spec
View File

@ -2,7 +2,7 @@
Summary: A GNU collection of binary utilities Summary: A GNU collection of binary utilities
Name: binutils%{?_with_debug:-debug} Name: binutils%{?_with_debug:-debug}
Version: 2.35.2 Version: 2.35.2
Release: 37%{?dist} Release: 38%{?dist}
License: GPLv3+ License: GPLv3+
URL: https://sourceware.org/binutils URL: https://sourceware.org/binutils
@ -424,6 +424,11 @@ Patch61: binutils-increase-the-max-number-of-open-fi.patch
# Purpose: Remove a comment from bfd_stdint.h, indicating how the file was generated. # Purpose: Remove a comment from bfd_stdint.h, indicating how the file was generated.
# Lifetime: Fixed in 2.39 ? # Lifetime: Fixed in 2.39 ?
Patch62: binutils-no-comment-in-bfd-stdint.patch Patch62: binutils-no-comment-in-bfd-stdint.patch
# Purpose: Fix a potential seg-fault when dumping corrupt ELF files.
# Lifetime: Fixed in 2.40
Patch63: binutils-CVE-2023-25587.patch
#---------------------------------------------------------------------------- #----------------------------------------------------------------------------
Provides: bundled(libiberty) Provides: bundled(libiberty)
@ -1264,6 +1269,9 @@ exit 0
#---------------------------------------------------------------------------- #----------------------------------------------------------------------------
%changelog %changelog
* Fri Mar 03 2023 Nick Clifton <nickc@redhat.com> - 2.35.2-38
- Fix a potential seg-fault when dumping a corrupt ELF format file. (#2174205)
* Fri Jan 20 2023 Nick Clifton <nickc@redhat.com> - 2.35.2-37 * Fri Jan 20 2023 Nick Clifton <nickc@redhat.com> - 2.35.2-37
- Stop the cross binaries from leaking into the native packages. - Stop the cross binaries from leaking into the native packages.