Fix a potential illegal memory access when copying a corrupt input file.
Resolves: RHEL-132287
This commit is contained in:
Nick Clifton
parent
332bdf7f6d
commit
86c628e87a
38
binutils-CVE-2025-7546.patch
Normal file
38
binutils-CVE-2025-7546.patch
Normal file
@ -0,0 +1,38 @@
|
||||
From 41461010eb7c79fee7a9d5f6209accdaac66cc6b Mon Sep 17 00:00:00 2001
|
||||
From: "H.J. Lu" <hjl.tools@gmail.com>
|
||||
Date: Sat, 21 Jun 2025 06:52:00 +0800
|
||||
Subject: [PATCH] elf: Report corrupted group section
|
||||
|
||||
Report corrupted group section instead of trying to recover.
|
||||
|
||||
PR binutils/33050
|
||||
* elf.c (bfd_elf_set_group_contents): Report corrupted group
|
||||
section.
|
||||
|
||||
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
|
||||
---
|
||||
bfd/elf.c | 23 ++++++++++-------------
|
||||
1 file changed, 10 insertions(+), 13 deletions(-)
|
||||
|
||||
--- binutils.orig/bfd/elf.c 2025-12-16 12:33:34.627390340 +0000
|
||||
+++ binutils-2.35.2/bfd/elf.c 2025-12-16 12:36:53.274123682 +0000
|
||||
@@ -3667,8 +3667,18 @@ bfd_elf_set_group_contents (bfd *abfd, a
|
||||
break;
|
||||
}
|
||||
|
||||
+ /* We should always get here with loc == sec->contents + 4. Return
|
||||
+ an error for bogus SHT_GROUP sections. */
|
||||
loc -= 4;
|
||||
- BFD_ASSERT (loc == sec->contents);
|
||||
+ if (loc != sec->contents)
|
||||
+ {
|
||||
+ /* xgettext:c-format */
|
||||
+ _bfd_error_handler (_("%pB: corrupted group section: `%pA'"),
|
||||
+ abfd, sec);
|
||||
+ bfd_set_error (bfd_error_bad_value);
|
||||
+ *failedptr = TRUE;
|
||||
+ return;
|
||||
+ }
|
||||
|
||||
H_PUT_32 (abfd, sec->flags & SEC_LINK_ONCE ? GRP_COMDAT : 0, loc);
|
||||
}
|
||||
@ -2,7 +2,7 @@
|
||||
Summary: A GNU collection of binary utilities
|
||||
Name: binutils%{?_with_debug:-debug}
|
||||
Version: 2.35.2
|
||||
Release: 69%{?dist}
|
||||
Release: 71%{?dist}
|
||||
License: GPLv3+
|
||||
URL: https://sourceware.org/binutils
|
||||
|
||||
@ -538,6 +538,11 @@ Patch106: binutils-execstack-error-tests.patch
|
||||
# Lifetime: Fixed in 2.46
|
||||
Patch107: binutils-CVE-2025-11083.patch
|
||||
|
||||
# Purpose: Stops a potential illegal memory access when copying a corrupt
|
||||
# input file. PR 33050
|
||||
# Lifetime: Fixed in 2.46
|
||||
Patch108: binutils-CVE-2025-7546.patch
|
||||
|
||||
#----------------------------------------------------------------------------
|
||||
|
||||
Provides: bundled(libiberty)
|
||||
@ -1397,6 +1402,9 @@ exit 0
|
||||
|
||||
#----------------------------------------------------------------------------
|
||||
%changelog
|
||||
* Tue Dec 16 2025 Nick Clifton <nickc@redhat.com> - 2.35.2-71
|
||||
- Fix a potential illegal memory access when copying a corrupt input file. (RHEL-132287)
|
||||
|
||||
* Tue Nov 11 2025 Nick Clifton <nickc@redhat.com> - 2.35.2-69
|
||||
- Fix a potential illegal memory access when linking a corrupt input file. (RHEL-126883)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user