rpms/binutils
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix potential buffer corruption in sha1 code in libiberty library. Fix potential buffer corruption in sha1 code in linker.

Browse Source 
Resolves: #1954139
Resolves: #1954138
This commit is contained in:
Nick Clifton 2021-05-07 11:29:52 +01:00
parent 219401fce8
commit ba0f4ef1db
3 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
binutils-libiberty-sha1.patch Normal file
View File

@ -0,0 +1,11 @@
--- binutils.orig/libiberty/sha1.c 2021-05-07 10:47:11.572773217 +0100
+++ binutils-2.35.2/libiberty/sha1.c 2021-05-07 10:47:16.014741009 +0100
@@ -258,7 +258,7 @@ sha1_process_bytes (const void *buffer,
{
sha1_process_block (ctx->buffer, 64, ctx);
left_over -= 64;
- memcpy (ctx->buffer, &ctx->buffer[16], left_over);
+ memmove (ctx->buffer, &ctx->buffer[16], left_over);
}
ctx->buflen = left_over;
}

11
binutils-linker-string-copy.patch Normal file
View File

@ -0,0 +1,11 @@
--- binutils.orig/ld/pe-dll.c 2021-05-07 10:47:12.145769068 +0100
+++ binutils-2.35.2/ld/pe-dll.c 2021-05-07 11:01:43.000450119 +0100
@@ -3032,7 +3032,7 @@ pe_find_cdecl_alias_match (struct bfd_li
if (pe_details->underscored)
lname[0] = '_';
else
- strcpy (lname, lname + 1);
+ memmove (lname, lname + 1, strlen (lname));
key.key = lname;
kv = bsearch (&key, udef_table, undef_count,
sizeof (struct key_value), undef_sort_cmp);

14
binutils.spec
View File

@ -39,7 +39,7 @@
Summary: A GNU collection of binary utilities
Name: binutils%{?name_cross}%{?_with_debug:-debug}
Version: 2.35.2
Release: 1%{?dist}
Release: 2%{?dist}
License: GPLv3+
URL: https://sourceware.org/binutils
@ -361,6 +361,14 @@ Patch41: binutils-CVE-2021-3487.patch
# Lifetime: Fixed in 2.36
Patch42: binutils-CVE-2020-35448.patch
# Purpose: Fix potential buffer corruption in libiberty library.
# Lifetime: Fixed in 2.36
Patch43: binutils-libiberty-sha1.patch
# Purpose: Fix potential buffer corruption in linker.
# Lifetime: Fixed in 2.36
Patch44: binutils-linker-string-copy.patch
#----------------------------------------------------------------------------
Provides: bundled(libiberty)
@ -946,6 +954,10 @@ exit 0
#----------------------------------------------------------------------------
%changelog
* Fri May 07 2021 Nick Clifton <nickc@redhat.com> - 2.35.2-2
- Fix potential buffer corruption in sha1 code in libiberty library. (#1954138)
- Fix potential buffer corruption in sha1 code in linker. (#1954139)
* Fri Apr 23 2021 Nick Clifton <nickc@redhat.com> - 2.35.2-1
- Fix an illegal memory access when parsing a corrupt ELF file. (#1950481)
- Fix excessive memory consumption parsing corrupt DWARF information. (#1947969)