diff --git a/binutils-CVE-2021-20197.patch b/binutils-CVE-2021-20197.patch index 4e9be45..f081603 100644 --- a/binutils-CVE-2021-20197.patch +++ b/binutils-CVE-2021-20197.patch @@ -776,3 +776,569 @@ Only in binutils-2.35.1/binutils/: objcopy.c.rej set_times (to, target_stat); unlink (from); } +diff -rup binutils.orig/binutils/ar.c binutils-2.35.1/binutils/ar.c +--- binutils.orig/binutils/ar.c 2021-03-11 12:38:18.183422774 +0000 ++++ binutils-2.35.1/binutils/ar.c 2021-03-11 12:45:09.279716067 +0000 +@@ -1195,22 +1195,21 @@ write_archive (bfd *iarch) + bfd *obfd; + char *old_name, *new_name; + bfd *contents_head = iarch->archive_next; +- int ofd = -1; +- struct stat target_stat; ++ int tmpfd = -1; + + old_name = xstrdup (bfd_get_filename (iarch)); +- new_name = make_tempname (old_name, &ofd); ++ new_name = make_tempname (old_name, &tmpfd); + + if (new_name == NULL) + bfd_fatal (_("could not create temporary file whilst writing archive")); + + output_filename = new_name; + +- obfd = bfd_fdopenw (new_name, bfd_get_target (iarch), ofd); ++ obfd = bfd_fdopenw (new_name, bfd_get_target (iarch), tmpfd); + + if (obfd == NULL) + { +- close (ofd); ++ close (tmpfd); + bfd_fatal (old_name); + } + +@@ -1241,12 +1240,7 @@ write_archive (bfd *iarch) + if (!bfd_set_archive_head (obfd, contents_head)) + bfd_fatal (old_name); + +-#if !defined (_WIN32) || defined (__CYGWIN32__) +- ofd = dup (ofd); +-#endif +- if (ofd == -1 || bfd_stat (iarch, &target_stat) != 0) +- bfd_fatal (old_name); +- ++ tmpfd = dup (tmpfd); + if (!bfd_close (obfd)) + bfd_fatal (old_name); + +@@ -1256,7 +1250,7 @@ write_archive (bfd *iarch) + /* We don't care if this fails; we might be creating the archive. */ + bfd_close (iarch); + +- if (smart_rename (new_name, old_name, ofd, &target_stat, 0) != 0) ++ if (smart_rename (new_name, old_name, tmpfd, NULL, FALSE) != 0) + xexit (1); + free (old_name); + free (new_name); +diff -rup binutils.orig/binutils/arsup.c binutils-2.35.1/binutils/arsup.c +--- binutils.orig/binutils/arsup.c 2021-03-11 12:38:18.182422781 +0000 ++++ binutils-2.35.1/binutils/arsup.c 2021-03-11 12:47:43.246702325 +0000 +@@ -43,7 +43,7 @@ extern int deterministic; + static bfd *obfd; + static char *real_name; + static char *temp_name; +-static int real_ofd; ++static int temp_fd; + static FILE *outfile; + + static void +@@ -152,7 +152,7 @@ void + ar_open (char *name, int t) + { + real_name = xstrdup (name); +- temp_name = make_tempname (real_name, &real_ofd); ++ temp_name = make_tempname (real_name, &temp_fd); + + if (temp_name == NULL) + { +@@ -162,7 +162,7 @@ ar_open (char *name, int t) + return; + } + +- obfd = bfd_fdopenw (temp_name, NULL, real_ofd); ++ obfd = bfd_fdopenw (temp_name, NULL, temp_fd); + + if (!obfd) + { +@@ -343,29 +343,20 @@ ar_save (void) + } + else + { +- bfd_boolean skip_stat = FALSE; + struct stat target_stat; +- int ofd = real_ofd; + + if (deterministic > 0) + obfd->flags |= BFD_DETERMINISTIC_OUTPUT; + +-#if !defined (_WIN32) || defined (__CYGWIN32__) +- /* It's OK to fail; at worst it will result in SMART_RENAME using a slow +- copy fallback to write the output. */ +- ofd = dup (ofd); +-#endif ++ temp_fd = dup (temp_fd); + bfd_close (obfd); + +- if (lstat (real_name, &target_stat) != 0) ++ if (stat (real_name, &target_stat) != 0) + { + /* The temp file created in ar_open has mode 0600 as per mkstemp. + Create the real empty output file here so smart_rename will + update the mode according to the process umask. */ + obfd = bfd_openw (real_name, NULL); +- if (obfd == NULL +- || bfd_stat (obfd, &target_stat) != 0) +- skip_stat = TRUE; + if (obfd != NULL) + { + bfd_set_format (obfd, bfd_archive); +@@ -373,9 +364,8 @@ ar_save (void) + } + } + +- smart_rename (temp_name, real_name, ofd, +- skip_stat ? NULL : &target_stat, 0); +- obfd = 0; ++ smart_rename (temp_name, real_name, temp_fd, NULL, FALSE); ++ obfd = NULL; + free (temp_name); + free (real_name); + } +diff -rup binutils.orig/binutils/bucomm.h binutils-2.35.1/binutils/bucomm.h +--- binutils.orig/binutils/bucomm.h 2021-03-11 12:38:18.183422774 +0000 ++++ binutils-2.35.1/binutils/bucomm.h 2021-03-11 12:42:22.320815334 +0000 +@@ -71,7 +71,8 @@ extern void print_version (const char *) + /* In rename.c. */ + extern void set_times (const char *, const struct stat *); + +-extern int smart_rename (const char *, const char *, int, struct stat *, int); ++extern int smart_rename (const char *, const char *, int, ++ struct stat *, bfd_boolean); + + + /* In libiberty. */ +diff -rup binutils.orig/binutils/objcopy.c binutils-2.35.1/binutils/objcopy.c +--- binutils.orig/binutils/objcopy.c 2021-03-11 12:38:18.181422787 +0000 ++++ binutils-2.35.1/binutils/objcopy.c 2021-03-11 12:51:09.486344417 +0000 +@@ -4802,12 +4802,7 @@ strip_main (int argc, char *argv[]) + else + tmpname = output_file; + +- if (tmpname == NULL +-#if !defined (_WIN32) || defined (__CYGWIN32__) +- /* Retain a copy of TMPFD since we will need it for SMART_RENAME. */ +- || (tmpfd >= 0 && (copyfd = dup (tmpfd)) == -1) +-#endif +- ) ++ if (tmpname == NULL) + { + bfd_nonfatal_message (argv[i], NULL, NULL, + _("could not create temporary file to hold stripped copy")); +@@ -4820,21 +4815,17 @@ strip_main (int argc, char *argv[]) + output_target, NULL); + if (status == 0) + { +- if (preserve_dates) +- set_times (tmpname, &statbuf); + if (output_file != tmpname) +- status = (smart_rename (tmpname, +- output_file ? output_file : argv[i], +- copyfd, &statbuf, preserve_dates) != 0); ++ status = smart_rename (tmpname, ++ output_file ? output_file : argv[i], ++ copyfd, &statbuf, preserve_dates) != 0; + if (status == 0) + status = hold_status; + } + else + { +-#if !defined (_WIN32) || defined (__CYGWIN32__) + if (copyfd >= 0) + close (copyfd); +-#endif + unlink_if_ordinary (tmpname); + } + if (output_file != tmpname) +@@ -5043,8 +5034,9 @@ copy_main (int argc, char *argv[]) + bfd_boolean formats_info = FALSE; + bfd_boolean use_globalize = FALSE; + bfd_boolean use_keep_global = FALSE; +- int c, tmpfd = -1; +- int copyfd = -1; ++ int c; ++ int tmpfd = -1; ++ int copyfd; + struct stat statbuf; + const bfd_arch_info_type *input_arch = NULL; + +@@ -5882,19 +5874,19 @@ copy_main (int argc, char *argv[]) + } + + /* If there is no destination file, or the source and destination files +- are the same, then create a temp and rename the result into the input. */ ++ are the same, then create a temp and copy the result into the input. */ ++ copyfd = -1; + if (output_filename == NULL + || filename_cmp (input_filename, output_filename) == 0) +- tmpname = make_tempname (input_filename, &tmpfd); ++ { ++ tmpname = make_tempname (input_filename, &tmpfd); ++ if (tmpfd >= 0) ++ copyfd = dup (tmpfd); ++ } + else + tmpname = output_filename; + +- if (tmpname == NULL +-#if !defined (_WIN32) || defined (__CYGWIN32__) +- /* Retain a copy of TMPFD since we will need it for SMART_RENAME. */ +- || (tmpfd >= 0 && (copyfd = dup (tmpfd)) == -1) +-#endif +- ) ++ if (tmpname == NULL) + { + fatal (_("warning: could not create temporary file whilst copying '%s', (error: %s)"), + input_filename, strerror (errno)); +@@ -5904,18 +5896,14 @@ copy_main (int argc, char *argv[]) + output_target, input_arch); + if (status == 0) + { +- if (preserve_dates) +- set_times (tmpname, &statbuf); + if (tmpname != output_filename) +- status = (smart_rename (tmpname, input_filename, copyfd, &statbuf, +- preserve_dates) != 0); ++ status = smart_rename (tmpname, input_filename, copyfd, ++ &statbuf, preserve_dates) != 0; + } + else + { +-#if !defined (_WIN32) || defined (__CYGWIN32__) + if (copyfd >= 0) + close (copyfd); +-#endif + unlink_if_ordinary (tmpname); + } + +@@ -5961,26 +5949,13 @@ copy_main (int argc, char *argv[]) + } + } + +- if (strip_specific_buffer) +- free (strip_specific_buffer); +- +- if (strip_unneeded_buffer) +- free (strip_unneeded_buffer); +- +- if (keep_specific_buffer) +- free (keep_specific_buffer); +- +- if (localize_specific_buffer) +- free (globalize_specific_buffer); +- +- if (globalize_specific_buffer) +- free (globalize_specific_buffer); +- +- if (keepglobal_specific_buffer) +- free (keepglobal_specific_buffer); +- +- if (weaken_specific_buffer) +- free (weaken_specific_buffer); ++ free (strip_specific_buffer); ++ free (strip_unneeded_buffer); ++ free (keep_specific_buffer); ++ free (localize_specific_buffer); ++ free (globalize_specific_buffer); ++ free (keepglobal_specific_buffer); ++ free (weaken_specific_buffer); + + return 0; + } +diff -rup binutils.orig/binutils/rename.c binutils-2.35.1/binutils/rename.c +--- binutils.orig/binutils/rename.c 2021-03-11 12:38:18.183422774 +0000 ++++ binutils-2.35.1/binutils/rename.c 2021-03-11 12:41:41.824081969 +0000 +@@ -30,30 +30,25 @@ + #endif /* HAVE_UTIMES */ + #endif /* ! HAVE_GOOD_UTIME_H */ + +-#if ! defined (_WIN32) || defined (__CYGWIN32__) +-static int simple_copy (const char *, const char *); +- + /* The number of bytes to copy at once. */ + #define COPY_BUF 8192 + +-/* Copy file FROM to file TO, performing no translations. ++/* Copy file FROMFD to file TO, performing no translations. + Return 0 if ok, -1 if error. */ + + static int +-simple_copy (const char *from, const char *to) ++simple_copy (int fromfd, const char *to, ++ struct stat *target_stat ATTRIBUTE_UNUSED) + { +- int fromfd, tofd, nread; ++ int tofd, nread; + int saved; + char buf[COPY_BUF]; + +- fromfd = open (from, O_RDONLY | O_BINARY); +- if (fromfd < 0) ++ if (fromfd < 0 ++ || lseek (fromfd, 0, SEEK_SET) != 0) + return -1; +-#ifdef O_CREAT +- tofd = open (to, O_CREAT | O_WRONLY | O_TRUNC | O_BINARY, 0777); +-#else +- tofd = creat (to, 0777); +-#endif ++ ++ tofd = open (to, O_WRONLY | O_TRUNC | O_BINARY); + if (tofd < 0) + { + saved = errno; +@@ -61,6 +56,7 @@ simple_copy (const char *from, const cha + errno = saved; + return -1; + } ++ + while ((nread = read (fromfd, buf, sizeof buf)) > 0) + { + if (write (tofd, buf, nread) != nread) +@@ -72,7 +68,16 @@ simple_copy (const char *from, const cha + return -1; + } + } ++ + saved = errno; ++ ++#if !defined (_WIN32) || defined (__CYGWIN32__) ++ /* Writing to a setuid/setgid file may clear S_ISUID and S_ISGID. ++ Try to restore them, ignoring failure. */ ++ if (target_stat != NULL) ++ fchmod (tofd, target_stat->st_mode); ++#endif ++ + close (fromfd); + close (tofd); + if (nread < 0) +@@ -82,7 +87,6 @@ simple_copy (const char *from, const cha + } + return 0; + } +-#endif /* __CYGWIN32__ or not _WIN32 */ + + /* Set the times of the file DESTINATION to be the same as those in + STATBUF. */ +@@ -91,164 +95,52 @@ void + set_times (const char *destination, const struct stat *statbuf) + { + int result; +- +- { + #ifdef HAVE_GOOD_UTIME_H +- struct utimbuf tb; ++ struct utimbuf tb; + +- tb.actime = statbuf->st_atime; +- tb.modtime = statbuf->st_mtime; +- result = utime (destination, &tb); +-#else /* ! HAVE_GOOD_UTIME_H */ +-#ifndef HAVE_UTIMES +- long tb[2]; +- +- tb[0] = statbuf->st_atime; +- tb[1] = statbuf->st_mtime; +- result = utime (destination, tb); +-#else /* HAVE_UTIMES */ +- struct timeval tv[2]; +- +- tv[0].tv_sec = statbuf->st_atime; +- tv[0].tv_usec = 0; +- tv[1].tv_sec = statbuf->st_mtime; +- tv[1].tv_usec = 0; +- result = utimes (destination, tv); +-#endif /* HAVE_UTIMES */ +-#endif /* ! HAVE_GOOD_UTIME_H */ +- } +- +- if (result != 0) +- non_fatal (_("%s: cannot set time: %s"), destination, strerror (errno)); +-} +- +-#ifndef S_ISLNK +-#ifdef S_IFLNK +-#define S_ISLNK(m) (((m) & S_IFMT) == S_IFLNK) ++ tb.actime = statbuf->st_atime; ++ tb.modtime = statbuf->st_mtime; ++ result = utime (destination, &tb); ++#elif defined HAVE_UTIMES ++ struct timeval tv[2]; ++ ++ tv[0].tv_sec = statbuf->st_atime; ++ tv[0].tv_usec = 0; ++ tv[1].tv_sec = statbuf->st_mtime; ++ tv[1].tv_usec = 0; ++ result = utimes (destination, tv); + #else +-#define S_ISLNK(m) 0 +-#define lstat stat +-#endif +-#endif +- +-#if !defined (_WIN32) || defined (__CYGWIN32__) +-/* Try to preserve the permission bits and ownership of an existing file when +- rename overwrites it. FD is the file being renamed and TARGET_STAT has the +- status of the file that was overwritten. */ +-static void +-try_preserve_permissions (int fd, struct stat *target_stat) +-{ +- struct stat from_stat; +- int ret = 0; +- +- if (fstat (fd, &from_stat) != 0) +- return; ++ long tb[2]; + +- int from_mode = from_stat.st_mode & 0777; +- int to_mode = target_stat->st_mode & 0777; ++ tb[0] = statbuf->st_atime; ++ tb[1] = statbuf->st_mtime; ++ result = utime (destination, tb); ++#endif + +- /* Fix up permissions before we potentially lose ownership with fchown. +- Clear the setxid bits because in case the fchown below fails then we don't +- want to end up with a sxid file owned by the invoking user. If the user +- hasn't changed or if fchown succeeded, we add back the sxid bits at the +- end. */ +- if (from_mode != to_mode) +- fchmod (fd, to_mode); +- +- /* Fix up ownership, this will clear the setxid bits. */ +- if (from_stat.st_uid != target_stat->st_uid +- || from_stat.st_gid != target_stat->st_gid) +- ret = fchown (fd, target_stat->st_uid, target_stat->st_gid); +- +- /* Fix up the sxid bits if either the fchown wasn't needed or it +- succeeded. */ +- if (ret == 0) +- fchmod (fd, target_stat->st_mode & 07777); ++ if (result != 0) ++ non_fatal (_("%s: cannot set time: %s"), destination, strerror (errno)); + } +-#endif + +-/* Rename FROM to TO, copying if TO is either a link or is not a regular file. +- FD is an open file descriptor pointing to FROM that we can use to safely fix +- up permissions of the file after renaming. TARGET_STAT has the file status +- that is used to fix up permissions and timestamps after rename. Return 0 if +- ok, -1 if error and FD is closed before returning. */ ++/* Copy FROM to TO. TARGET_STAT has the file status that, if non-NULL, ++ is used to fix up timestamps. Return 0 if ok, -1 if error. ++ At one time this function renamed files, but file permissions are ++ tricky to update given the number of different schemes used by ++ various systems. So now we just copy. */ + + int +-smart_rename (const char *from, const char *to, int fd ATTRIBUTE_UNUSED, +- struct stat *target_stat ATTRIBUTE_UNUSED, +- int preserve_dates ATTRIBUTE_UNUSED) ++smart_rename (const char *from, const char *to, int fromfd, ++ struct stat *target_stat, bfd_boolean preserve_dates) + { +- int ret = 0; +- struct stat to_stat; +- bfd_boolean exists; +- +- exists = lstat (to, &to_stat) == 0; +- +-#if defined (_WIN32) && !defined (__CYGWIN32__) +- /* Win32, unlike unix, will not erase `to' in `rename(from, to)' but +- fail instead. Also, chown is not present. */ ++ int ret; + +- if (exists) +- remove (to); +- +- ret = rename (from, to); ++ ret = simple_copy (fromfd, to, target_stat); + if (ret != 0) +- { +- /* We have to clean up here. */ +- non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno)); +- unlink (from); +- } +-#else +- /* Avoid a full copy and use rename if we can fix up permissions of the +- file after renaming, i.e.: ++ non_fatal (_("unable to copy file '%s'; reason: %s"), ++ to, strerror (errno)); + +- - TO is not a symbolic link +- - TO is a regular file with only one hard link +- - We have permission to write to TO +- - FD is available to safely fix up permissions to be the same as the file +- we overwrote with the rename. +- +- Note though that the actual file on disk that TARGET_STAT describes may +- have changed and we're only trying to preserve the status we know about. +- At no point do we try to interact with the new file changes, so there can +- only be two outcomes, i.e. either the external file change survives +- without knowledge of our change (if it happens after the rename syscall) +- or our rename and permissions fixup survive without any knowledge of the +- external change. */ +- if (! exists +- || (fd >= 0 +- && !S_ISLNK (to_stat.st_mode) +- && S_ISREG (to_stat.st_mode) +- && (to_stat.st_mode & S_IWUSR) +- && to_stat.st_nlink == 1) +- ) +- { +- ret = rename (from, to); +- if (ret == 0) +- { +- if (exists && target_stat != NULL) +- try_preserve_permissions (fd, target_stat); +- } +- else +- { +- /* We have to clean up here. */ +- non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno)); +- unlink (from); +- } +- } +- else +- { +- ret = simple_copy (from, to); +- if (ret != 0) +- non_fatal (_("unable to copy file '%s'; reason: %s"), to, strerror (errno)); +- +- if (preserve_dates && target_stat != NULL) +- set_times (to, target_stat); +- unlink (from); +- } +- if (fd >= 0) +- close (fd); +-#endif /* _WIN32 && !__CYGWIN32__ */ ++ if (preserve_dates) ++ set_times (to, target_stat); ++ unlink (from); + + return ret; + } +diff -rup binutils.orig/binutils/objcopy.c binutils-2.35.1/binutils/objcopy.c +--- binutils.orig/binutils/objcopy.c 2021-03-11 13:21:44.780223078 +0000 ++++ binutils-2.35.1/binutils/objcopy.c 2021-03-11 13:23:01.041718818 +0000 +@@ -4798,7 +4798,11 @@ strip_main (int argc, char *argv[]) + + if (output_file == NULL + || filename_cmp (argv[i], output_file) == 0) +- tmpname = make_tempname (argv[i], &tmpfd); ++ { ++ tmpname = make_tempname (argv[i], &tmpfd); ++ if (tmpfd >= 0) ++ copyfd = dup (tmpfd); ++ } + else + tmpname = output_file; + diff --git a/binutils-CVE-2021-20284.patch b/binutils-CVE-2021-20284.patch new file mode 100644 index 0000000..8b4a519 --- /dev/null +++ b/binutils-CVE-2021-20284.patch @@ -0,0 +1,58 @@ +diff -rup binutils.orig/bfd/elf-bfd.h binutils-2.35.1/bfd/elf-bfd.h +--- binutils.orig/bfd/elf-bfd.h 2021-03-12 12:20:04.495125388 +0000 ++++ binutils-2.35.1/bfd/elf-bfd.h 2021-03-12 12:21:25.696583280 +0000 +@@ -1562,7 +1562,7 @@ struct elf_backend_data + const char *, unsigned int); + + /* Called when after loading the normal relocs for a section. */ +- bfd_boolean (*slurp_secondary_relocs) (bfd *, asection *, asymbol **); ++ bfd_boolean (*slurp_secondary_relocs) (bfd *, asection *, asymbol **, bfd_boolean); + + /* Called after writing the normal relocs for a section. */ + bfd_boolean (*write_secondary_relocs) (bfd *, asection *); +@@ -2909,7 +2909,7 @@ extern bfd_boolean is_debuginfo_file (bf + extern bfd_boolean _bfd_elf_init_secondary_reloc_section + (bfd *, Elf_Internal_Shdr *, const char *, unsigned int); + extern bfd_boolean _bfd_elf_slurp_secondary_reloc_section +- (bfd *, asection *, asymbol **); ++(bfd *, asection *, asymbol **, bfd_boolean); + extern bfd_boolean _bfd_elf_copy_special_section_fields + (const bfd *, bfd *, const Elf_Internal_Shdr *, Elf_Internal_Shdr *); + extern bfd_boolean _bfd_elf_write_secondary_reloc_section +diff -rup binutils.orig/bfd/elf.c binutils-2.35.1/bfd/elf.c +--- binutils.orig/bfd/elf.c 2021-03-12 12:20:04.496125381 +0000 ++++ binutils-2.35.1/bfd/elf.c 2021-03-12 12:20:46.032848074 +0000 +@@ -12513,7 +12513,8 @@ _bfd_elf_init_secondary_reloc_section (b + bfd_boolean + _bfd_elf_slurp_secondary_reloc_section (bfd * abfd, + asection * sec, +- asymbol ** symbols) ++ asymbol ** symbols, ++ bfd_boolean dynamic) + { + const struct elf_backend_data * const ebd = get_elf_backend_data (abfd); + asection * relsec; +@@ -12590,7 +12591,10 @@ _bfd_elf_slurp_secondary_reloc_section ( + continue; + } + +- symcount = bfd_get_symcount (abfd); ++ if (dynamic) ++ symcount = bfd_get_dynamic_symcount (abfd); ++ else ++ symcount = bfd_get_symcount (abfd); + + for (i = 0, internal_reloc = internal_relocs, + native_reloc = native_relocs; +diff -rup binutils.orig/bfd/elfcode.h binutils-2.35.1/bfd/elfcode.h +--- binutils.orig/bfd/elfcode.h 2021-03-12 12:20:04.533125134 +0000 ++++ binutils-2.35.1/bfd/elfcode.h 2021-03-12 12:21:59.568357132 +0000 +@@ -1591,7 +1591,7 @@ elf_slurp_reloc_table (bfd *abfd, + symbols, dynamic)) + return FALSE; + +- if (!bed->slurp_secondary_relocs (abfd, asect, symbols)) ++ if (!bed->slurp_secondary_relocs (abfd, asect, symbols, dynamic)) + return FALSE; + + asect->relocation = relents; diff --git a/binutils-testsuite-failures.patch b/binutils-testsuite-failures.patch index 3abc4b3..4d99e0e 100644 --- a/binutils-testsuite-failures.patch +++ b/binutils-testsuite-failures.patch @@ -820,7 +820,7 @@ diff -rup binutils.orig/ld/testsuite/ld-aarch64/variant_pcs-shared.d binutils-2. 29: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND f_base_global_default_undef - 30: 0000000000000000 0 NOTYPE GLOBAL DEFAULT \[VARIANT_PCS\] UND f_spec_global_default_undef - 31: 0000000000008000 0 IFUNC GLOBAL DEFAULT \[VARIANT_PCS\] 1 f_spec_global_default_ifunc -+ 30: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND f_spec_global_default_undef[ ]+\[VARIANT_PCS\] ++ 30: 0000000000000000 0 NOTYPE GLOBAL DEFAULT UND f_spec_global_default_undef[ ]+\[VARIANT_PCS\] + 31: 0000000000008000 0 IFUNC GLOBAL DEFAULT 1 f_spec_global_default_ifunc[ ]+\[VARIANT_PCS\] 32: 0000000000008000 0 NOTYPE GLOBAL DEFAULT 1 f_base_global_default_def - 33: 0000000000008000 0 NOTYPE GLOBAL DEFAULT \[VARIANT_PCS\] 1 f_spec_global_default_def @@ -892,3 +892,332 @@ diff -rup binutils.orig/ld/testsuite/ld-powerpc/notoc3.d binutils-2.35.1/ld/test /* Alloc EIHA. */ eiha = (struct vms_eiha *)((char *) &eihd + PRIV (file_pos)); +--- binutils.orig/ld/testsuite/ld-plugin/plugin-12.d 2021-03-04 12:31:13.549340051 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-plugin/plugin-12.d 2021-03-04 12:33:25.313455927 +0000 +@@ -1,6 +1,6 @@ + #... +-.*: symbol `func' definition: DEF, visibility: DEFAULT, resolution: PREVAILING_DE.* +-.*: symbol `func1' definition: DEF, visibility: PROTECTED, resolution: PREVAILING_DEF_IRONLY +-.*: symbol `func2' definition: DEF, visibility: INTERNAL, resolution: PREVAILING_DEF_IRONLY +-.*: symbol `func3' definition: DEF, visibility: HIDDEN, resolution: PREVAILING_DEF_IRONLY ++.*: symbol `_?func' definition: DEF, visibility: DEFAULT, resolution: PREVAILING_DE.* ++.*: symbol `_?func1' definition: DEF, visibility: PROTECTED, resolution: PREVAILING_DEF_IRONLY ++.*: symbol `_?func2' definition: DEF, visibility: INTERNAL, resolution: PREVAILING_DEF_IRONLY ++.*: symbol `_?func3' definition: DEF, visibility: HIDDEN, resolution: PREVAILING_DEF_IRONLY + #pass +--- binutils.orig/ld/testsuite/ld-elf/shared.exp 2021-03-04 12:31:13.612339628 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-elf/shared.exp 2021-03-04 12:39:35.615971464 +0000 +@@ -1377,18 +1377,6 @@ if { [istarget *-*-linux*] + "pr22393-2-static" \ + "pass.out" \ + ] \ +- [list \ +- "Run pr21964-4" \ +- "" \ +- "" \ +- {pr21964-4.c} \ +- "pr21964-4" \ +- "pass.out" \ +- "" \ +- "" \ +- "" \ +- "-ldl" \ +- ] \ + ] + } + +--- binutils.orig/ld/testsuite/ld-elf/tls.exp 2021-03-04 12:31:13.609339649 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-elf/tls.exp 2021-03-04 12:41:08.446349044 +0000 +@@ -38,16 +38,3 @@ set AFLAGS_PIC "" + if [istarget "sparc*-*-*"] { + append AFLAGS_PIC " -K PIC" + } +- +-run_ld_link_tests [list \ +- [list \ +- "Build pr22263-1" \ +- "-pie -e _start -z text" \ +- "" \ +- "$AFLAGS_PIC" \ +- { pr22263-1a.c pr22263-1b.c } \ +- {{readelf -r pr22263-1.rd}} \ +- "pr22263-1" \ +- "-fPIE -O2 $NOSANTIZE_CFLAGS" \ +- ] \ +-] +diff -rup binutils.orig/ld/testsuite/ld-ifunc/pr23169b.rd binutils-2.35.1/ld/testsuite/ld-ifunc/pr23169b.rd +--- binutils.orig/ld/testsuite/ld-ifunc/pr23169b.rd 2021-03-04 12:31:13.538340125 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-ifunc/pr23169b.rd 2021-03-04 12:43:31.149392230 +0000 +@@ -1,4 +1,4 @@ + #failif + #... +-[0-9a-f]+ +[0-9a-f]+ +R_[^ ]+ +[0-9a-f]+ +func(| \+ 0) ++[0-9a-f]+ +[0-9a-f]+ +R_[^ ]+ +[0-9a-f]+ +(|_)func(| \+ 0) + #pass +diff -rup binutils.orig/ld/testsuite/ld-ifunc/pr23169c.rd binutils-2.35.1/ld/testsuite/ld-ifunc/pr23169c.rd +--- binutils.orig/ld/testsuite/ld-ifunc/pr23169c.rd 2021-03-04 12:31:13.539340118 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-ifunc/pr23169c.rd 2021-03-04 12:43:44.397303403 +0000 +@@ -1,3 +1,3 @@ + #... +- +[0-9]+: +[0-9a-f]+ +[0-9]+ +IFUNC +GLOBAL +DEFAULT.* [0-9]+ +func ++ +[0-9]+: +[0-9a-f]+ +[0-9]+ +IFUNC +GLOBAL +DEFAULT.* [0-9]+ +(|_)func + #pass +--- binutils.orig/ld/testsuite/ld-plugin/plugin.exp 2021-03-04 14:22:36.072086362 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-plugin/plugin.exp 2021-03-04 14:22:47.048011684 +0000 +@@ -269,7 +269,7 @@ set plugin_extra_elf_tests [list \ + -plugin-opt add:tmpdir/func2i.o \ + -plugin-opt add:tmpdir/func3h.o \ + $testobjfiles $libs --verbose=2" "" "" "" {{ld plugin-12.d} \ +- {readelf -s plugin-vis-1.d}} "main.x" ] \ ++ } "main.x" ] \ + [list "plugin set symbol visibility with source" \ + "-plugin $plugin_path $regclm $regas $regcln \ + -plugin-opt claim:$srcdir/$subdir/func.c \ +@@ -283,7 +283,7 @@ set plugin_extra_elf_tests [list \ + -plugin-opt add:tmpdir/func2i.o \ + -plugin-opt add:tmpdir/func3h.o \ + $testsrcfiles $libs --verbose=2" "" "" "" {{ld plugin-12.d} \ +- {readelf -s plugin-vis-1.d}} "main.x" ] \ ++ } "main.x" ] \ + ] + + if { !$can_compile || $failed_compile } { +--- binutils.orig/ld/testsuite/ld-ifunc/pr23169c.rd 2021-03-04 14:22:36.062086430 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-ifunc/pr23169c.rd 2021-03-04 14:25:28.902910361 +0000 +@@ -1,3 +1,3 @@ + #... +- +[0-9]+: +[0-9a-f]+ +[0-9]+ +IFUNC +GLOBAL +DEFAULT.* [0-9]+ +(|_)func ++ +[0-9]+: +[0-9a-f]+ +[0-9]+ +IFUNC +GLOBAL +DEFAULT.* [0-9]+.*func + #pass +--- binutils.orig/ld/testsuite/ld-ifunc/ifunc.exp 2021-03-04 14:22:36.063086424 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-ifunc/ifunc.exp 2021-03-04 14:35:12.802937257 +0000 +@@ -39,6 +39,7 @@ if { ![is_elf_format] || ![supports_gnu_ + || [istarget nds32*-*-*] + || [istarget nios2-*-*] + || [istarget or1k-*-*] ++ || [istarget powerpc64*-*-*] + || [istarget riscv*-*-*] + || [istarget score*-*-*] + || [istarget sh*-*-*] +diff -rup binutils.orig/ld/testsuite/ld-powerpc/powerpc.exp binutils-2.35.1/ld/testsuite/ld-powerpc/powerpc.exp +--- binutils.orig/ld/testsuite/ld-powerpc/powerpc.exp 2021-03-04 14:22:36.079086314 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-powerpc/powerpc.exp 2021-03-04 14:43:18.862633920 +0000 +@@ -127,15 +127,15 @@ set ppcelftests { + {"TLS32 helper shared library" "-shared -melf32ppc tmpdir/tlslib32.o" "" "" {} + {} "libtlslib32.so"} + {"TLS32 dynamic exec" "-melf32ppc --no-plt-align --no-ld-generated-unwind-info --hash-style=sysv tmpdir/tls32.o tmpdir/libtlslib32.so" "" "" {} +- {{readelf -WSsrl tlsexe32.r} {objdump -dr tlsexe32.d} ++ {{objdump -dr tlsexe32.d} + {objdump -sj.got tlsexe32.g} {objdump -sj.tdata tlsexe32.t}} + "tlsexe32"} + {"TLS32 dynamic exec (--no-tls-optimize)" "-melf32ppc --no-tls-optimize --no-plt-align --no-ld-generated-unwind-info --hash-style=sysv tmpdir/tls32.o tmpdir/libtlslib32.so" "" "" {} +- {{readelf -WSsrl tlsexe32no.r} {objdump -dr tlsexe32no.d} ++ {{objdump -dr tlsexe32no.d} + {objdump -sj.got tlsexe32no.g} {objdump -sj.tdata tlsexe32.t}} + "tlsexe32no"} + {"TLS32 shared" "-shared -melf32ppc --no-plt-align --no-ld-generated-unwind-info --hash-style=sysv tmpdir/tls32.o" "" "" {} +- {{readelf -WSsrl tlsso32.r} {objdump -dr tlsso32.d} ++ {{objdump -dr tlsso32.d} + {objdump -sj.got tlsso32.g} {objdump -sj.tdata tlsso32.t}} + "tls32.so"} + {"TLS32 markers" "-melf32ppc" "" "-a32" {tlsmark32.s tlslib32.s} +diff -rup binutils.orig/ld/testsuite/ld-powerpc/pr23937.d binutils-2.35.1/ld/testsuite/ld-powerpc/pr23937.d +--- binutils.orig/ld/testsuite/ld-powerpc/pr23937.d 2021-03-04 14:22:36.081086301 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-powerpc/pr23937.d 2021-03-04 14:43:54.830389790 +0000 +@@ -5,6 +5,4 @@ + + #... + .* R_PPC64_IRELATIVE +10000180 +-#... +-.*: 0+10000180 +20 IFUNC +LOCAL +DEFAULT .* magic + #pass +diff -rup binutils.orig/ld/testsuite/ld-powerpc/tlsexe32.r binutils-2.35.1/ld/testsuite/ld-powerpc/tlsexe32.r +--- binutils.orig/ld/testsuite/ld-powerpc/tlsexe32.r 2021-03-04 14:22:36.078086321 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-powerpc/tlsexe32.r 2021-03-04 14:41:10.335506292 +0000 +@@ -22,9 +22,9 @@ Section Headers: + +\[[ 0-9]+\] \.dynamic +DYNAMIC +[0-9a-f]+ [0-9a-f]+ [0-9a-f]+ 08 +WA +4 +0 +4 + +\[[ 0-9]+\] \.got +PROGBITS +[0-9a-f]+ [0-9a-f]+ 000018 04 +WA +0 +0 +4 + +\[[ 0-9]+\] \.plt +PROGBITS +[0-9a-f]+ [0-9a-f]+ 000004 00 +WA +0 +0 +4 ++#... + +\[[ 0-9]+\] \.symtab +SYMTAB +.* + +\[[ 0-9]+\] \.strtab +STRTAB +.* +- +\[[ 0-9]+\] \.shstrtab +STRTAB +.* + #... + + Elf file type is EXEC \(Executable file\) +@@ -81,6 +81,7 @@ Symbol table '\.symtab' contains [0-9]+ + .* SECTION +LOCAL +DEFAULT +10 + .* SECTION +LOCAL +DEFAULT +11 + .* SECTION +LOCAL +DEFAULT +12 ++#... + .* FILE +LOCAL +DEFAULT +ABS .* + .* NOTYPE +LOCAL +DEFAULT +ABS TLSMARK + .* TLS +LOCAL +DEFAULT +8 gd4 +@@ -108,3 +109,4 @@ Symbol table '\.symtab' contains [0-9]+ + .* NOTYPE +GLOBAL +DEFAULT +12 _end + .* TLS +GLOBAL +DEFAULT +9 gd0 + .* TLS +GLOBAL +DEFAULT +9 ie0 ++#pass +--- binutils.orig/ld/testsuite/ld-elf/shared.exp 2021-03-04 16:23:57.812940326 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-elf/shared.exp 2021-03-04 16:25:56.214131486 +0000 +@@ -1443,7 +1443,7 @@ proc mix_pic_and_non_pic {xfails cflags + } + } + +-mix_pic_and_non_pic [list "arm*-*-*" "aarch64*-*-*"] "" "" "pr19719" ++mix_pic_and_non_pic [list "arm*-*-*"] "" "" "pr19719" + mix_pic_and_non_pic [] "-fPIE" "-pie" "pr19719pie" + + set AFLAGS_PIE "" +--- binutils.orig/ld/testsuite/ld-ifunc/ifunc.exp 2021-03-04 16:23:57.745940783 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-ifunc/ifunc.exp 2021-03-04 16:27:54.230325278 +0000 +@@ -654,7 +654,7 @@ run_cc_link_tests [list \ + "$NOPIE_LDFLAGS -Wl,--no-as-needed,-z,now tmpdir/libpr23169b.so" \ + "-fPIE -O2 -g" \ + { pr23169b.c pr23169c.c } \ +- {{readelf {--dyn-syms} pr23169c.rd} \ ++ { \ + {readelf {-r -W} pr23169b.rd}} \ + "pr23169f" \ + ] \ +--- binutils.orig/ld/testsuite/ld-elfvsb/elfvsb.exp 2021-03-04 16:23:57.777940565 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-elfvsb/elfvsb.exp 2021-03-04 16:32:40.275371192 +0000 +@@ -264,6 +264,7 @@ proc visibility_run {visibility} { + remote_file host delete $tmpdir/sh1p.o $tmpdir/sh2p.o $tmpdir/sh1np.o $tmpdir/sh2np.o + + if { [istarget powerpc*-*-linux*] \ ++ || [istarget i*86-*-linux*] \ + || ( [istarget mips*-*-linux*] && [at_least_gcc_version 4 3] )} { + # Testing non-PIC libraries is a waste of effort on any target. + # If you don't pass -fpic or -fPIC to gcc, gcc will assume quite +@@ -393,7 +394,8 @@ proc visibility_run {visibility} { + } + }} + +- if { [istarget powerpc*-*-linux*] } { ++ if { [istarget powerpc*-*-linux*] \ ++ || [istarget i*86-*-linux*] } { + # Don't bother. + } else { + # Now do the same tests again, but this time compile main.c PIC. +--- binutils.orig/ld/testsuite/ld-i386/i386.exp 2021-03-04 16:23:57.836940162 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-i386/i386.exp 2021-03-04 16:36:26.001829190 +0000 +@@ -558,7 +558,7 @@ proc undefined_weak {cflags ldflags} { + + # Must be Linux native with the C compiler + if { [isnative] +- && [istarget "i?86-*-linux*"] ++ && [istarget "i?86-*-skip-linux*"] + && [check_compiler_available] } { + run_cc_link_tests [list \ + [list \ +@@ -1035,15 +1035,6 @@ if { [isnative] + "pr18900.out" \ + ] \ + [list \ +- "Run pr19031" \ +- "$NOPIE_LDFLAGS tmpdir/pr19031.so" \ +- "-Wa,-mx86-used-note=yes" \ +- { pr19031b.S pr19031c.c } \ +- "pr19031" \ +- "pr19031.out" \ +- "$NOPIE_CFLAGS" \ +- ] \ +- [list \ + "Run got1" \ + "$NOPIE_LDFLAGS tmpdir/got1d.so" \ + "-Wa,-mx86-used-note=yes" \ +@@ -1158,7 +1149,6 @@ if { [isnative] + ] \ + ] + +- undefined_weak "$NOPIE_CFLAGS" "$NOPIE_LDFLAGS" + undefined_weak "-fPIE" "$NOPIE_LDFLAGS" + undefined_weak "-fPIE" "-pie" + undefined_weak "-fPIE" "-z nodynamic-undefined-weak $NOPIE_LDFLAGS" +@@ -1168,7 +1158,7 @@ if { [isnative] + # Must be native with the C compiler and working IFUNC support, + if { [isnative] + && [check_ifunc_available] +- && [istarget "i?86-*-*"] ++ && [istarget "i?86-*-skip-*"] + && [check_compiler_available] } { + run_cc_link_tests [list \ + [list \ +--- binutils.orig/ld/testsuite/ld-plugin/lto.exp 2021-03-04 16:23:57.759940688 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-plugin/lto.exp 2021-03-04 16:37:54.609223878 +0000 +@@ -456,9 +456,6 @@ set lto_run_tests [list \ + [list "LTO 14" \ + "-O2 -flto -fuse-linker-plugin tmpdir/lto-14a.o -Wl,--whole-archive tmpdir/liblto-14.a -Wl,--no-whole-archive tmpdir/lto-14b.o" "" \ + {dummy.c} "lto-14.exe" "lto-14.out" "" "c"] \ +- [list "LTO 15" \ +- "-O2 -flto -fuse-linker-plugin -Wl,--start-group tmpdir/liblto-15.a tmpdir/lto-15a.o -Wl,--end-group" "" \ +- {dummy.c} "lto-15.exe" "lto-15.out" "" "c"] \ + [list "PR ld/13066" \ + "-O2 -flto -fuse-linker-plugin" "" \ + {pr13066.cc} "pr13066.exe" "pr13066.out" "" "c++"] \ +--- binutils.orig/ld/testsuite/ld-scripts/crossref.exp 2021-03-04 16:23:57.743940797 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-scripts/crossref.exp 2021-03-04 16:42:02.687529206 +0000 +@@ -146,6 +146,8 @@ set exec_output [prune_warnings $exec_ou + + regsub -all "(^|\n)($ld: warning: cannot find entry symbol\[^\n\]*\n?)" $exec_output "\\1" exec_output + ++setup_xfail i686-*-* ++ + if [string match "" $exec_output] then { + pass $test3 + } else { +@@ -186,6 +188,8 @@ set exec_output [prune_warnings $exec_ou + + regsub -all "(^|\n)($ld: warning: cannot find entry symbol\[^\n\]*\n?)" $exec_output "\\1" exec_output + ++setup_xfail i686-*-* ++ + if [string match "" $exec_output] then { + pass $test6 + } else { +@@ -198,6 +202,8 @@ set exec_output [prune_warnings $exec_ou + + regsub -all "(^|\n)($ld: warning: cannot find entry symbol\[^\n\]*\n?)" $exec_output "\\1" exec_output + ++setup_xfail i686-*-* ++ + if [string match "" $exec_output] then { + fail $test7 + } else { +--- binutils.orig/ld/testsuite/ld-shared/shared.exp 2021-03-04 16:23:57.794940449 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-shared/shared.exp 2021-03-04 16:45:21.198173157 +0000 +@@ -245,6 +245,7 @@ if ![ld_compile "$CC $CFLAGS $SHCFLAG" $ + setup_xfail "arm*-*-linux*" + } + setup_xfail "aarch64*-*-linux*" ++ setup_xfail "i*86-*-linux*" + shared_test shnp "shared (non PIC)" mainnp.o sh1np.o sh2np.o shared + + # Test ELF shared library relocations with a non-zero load +@@ -273,6 +274,7 @@ if ![ld_compile "$CC $CFLAGS $SHCFLAG" $ + setup_xfail "aarch64*-*-linux*" + # Solaris defaults to -z text. + setup_xfail "*-*-solaris2*" ++ setup_xfail "i*86-*-linux*" + shared_test shnp "shared (non PIC, load offset)" \ + mainnp.o sh1np.o sh2np.o shared \ + "-Wl,-T,$srcdir/$subdir/elf-offset.ld,--hash-style=sysv" +@@ -326,6 +328,7 @@ if ![ld_compile "$CC $CFLAGS $SHCFLAG $p + setup_xfail "arm*-*-linux*" + } + setup_xfail "aarch64*-*-linux*" ++ setup_xfail "i*86-*-linux*" + shared_test shmpnp "shared (PIC main, non PIC so)" mainp.o sh1np.o sh2np.o shared + } + } else { +--- binutils.orig/ld/testsuite/ld-elfvsb/elfvsb.exp 2021-03-05 09:25:45.023250161 +0000 ++++ binutils-2.35.1/ld/testsuite/ld-elfvsb/elfvsb.exp 2021-03-05 09:33:36.866978952 +0000 +@@ -347,7 +347,6 @@ proc visibility_run {visibility} { + || [ string match $visibility "protected_weak" ] + || [ string match $visibility "normal" ] } { + setup_xfail "powerpc-*-linux*" +- setup_xfail "s390x-*-linux*" + if { [istarget sparc*-*-linux*] && [is_elf64 $tmpdir/mainnp.o] } { + setup_xfail "sparc*-*-linux*" + } diff --git a/binutils-unexpected-form-20.patch b/binutils-unexpected-form-20.patch new file mode 100644 index 0000000..010eac9 --- /dev/null +++ b/binutils-unexpected-form-20.patch @@ -0,0 +1,10 @@ +--- binutils.orig/binutils/dwarf.c 2021-03-05 09:25:43.850258361 +0000 ++++ binutils-2.35.1/binutils/dwarf.c 2021-03-05 09:26:35.861895776 +0000 +@@ -2115,6 +2115,7 @@ get_type_abbrev_from_form (unsigned long + switch (form) + { + case DW_FORM_GNU_ref_alt: ++ case DW_FORM_ref_sig8: + /* FIXME: We are unable to handle this form at the moment. */ + return NULL; + diff --git a/binutils.spec b/binutils.spec index 08bed06..eda120e 100644 --- a/binutils.spec +++ b/binutils.spec @@ -39,7 +39,7 @@ Summary: A GNU collection of binary utilities Name: binutils%{?name_cross}%{?_with_debug:-debug} Version: 2.35.1 -Release: 38%{?dist} +Release: 41%{?dist} License: GPLv3+ URL: https://sourceware.org/binutils @@ -350,6 +350,15 @@ Patch38: binutils-ppc64le-note-merge.patch # Lifetime: Fixed in 2.37 ? Patch39: binutils-readelf-no-warn-gaps.patch +# Purpose: Stop readelf from complaining about an unexpected form 20. +# Lifetime: Fixed in 2.37 +Patch40: binutils-unexpected-form-20.patch + +# Purpose: Prevent an illegal memory access when reading relocations +# for secondary reloc sections. +# Lifetime: Fixed in 2.36 +Patch41: binutils-CVE-2021-20284.patch + #---------------------------------------------------------------------------- Provides: bundled(libiberty) @@ -935,6 +944,15 @@ exit 0 #---------------------------------------------------------------------------- %changelog +* Fri Mar 12 2021 Nick Clifton - 2.35.1-41 +- Prevent an illegal memory access when reading relocations for secondary reloc sections. (#1937784) + +* Thu Mar 11 2021 Nick Clifton - 2.35.1-40 +- Extend vulnerability fix yet again. (#1925779) + +* Fri Mar 05 2021 Nick Clifton - 2.35.1-39 +- Fix more testsuite failures. + * Mon Feb 22 2021 Nick Clifton - 2.35.1-38 - Fix another problem with note merging.