packages/binutils
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!231 [sync] PR-224: fix CVE-2022-48064

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @eastb233 
Signed-off-by: @eastb233
This commit is contained in:
openeuler-ci-bot 2023-08-31 07:58:25 +00:00 committed by Gitee
commit 8d83d6945d
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 57 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
backport-CVE-2022-48064.patch Normal file
View File

@ -0,0 +1,52 @@
From 8f2c64de86bc3d7556121fe296dd679000283931 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Tue, 20 Dec 2022 23:47:03 +1030
Subject: [PATCH] PR29922, SHT_NOBITS section avoids section size sanity check
PR 29922
* dwarf2.c (find_debug_info): Ignore sections without
SEC_HAS_CONTENTS.
---
bfd/dwarf2.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
index 95f45708e9d..0cd8152ee6e 100644
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -4831,16 +4831,19 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections,
{
look = debug_sections[debug_info].uncompressed_name;
msec = bfd_get_section_by_name (abfd, look);
- if (msec != NULL)
+ /* Testing SEC_HAS_CONTENTS is an anti-fuzzer measure. Of
+ course debug sections always have contents. */
+ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0)
return msec;
look = debug_sections[debug_info].compressed_name;
msec = bfd_get_section_by_name (abfd, look);
- if (msec != NULL)
+ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0)
return msec;
for (msec = abfd->sections; msec != NULL; msec = msec->next)
- if (startswith (msec->name, GNU_LINKONCE_INFO))
+ if ((msec->flags & SEC_HAS_CONTENTS) != 0
+ && startswith (msec->name, GNU_LINKONCE_INFO))
return msec;
return NULL;
@@ -4848,6 +4851,9 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections,
for (msec = after_sec->next; msec != NULL; msec = msec->next)
{
+ if ((msec->flags & SEC_HAS_CONTENTS) == 0)
+ continue;
+
look = debug_sections[debug_info].uncompressed_name;
if (strcmp (msec->name, look) == 0)
return msec;
--
2.39.3

6
binutils.spec
View File

@ -1,7 +1,7 @@
Summary: Binary utilities
Name: binutils
Version: 2.37
Release: 20
Release: 21
License: GPLv3+
URL: https://sourceware.org/binutils
@ -78,6 +78,7 @@ Patch52: backport-CVE-2022-47011.patch
Patch53: backport-CVE-2022-47696.patch
Patch54: backport-CVE-2021-46174.patch
Patch55: backport-CVE-2023-1972.patch
Patch56: backport-CVE-2022-48064.patch
Provides: bundled(libiberty)
@ -401,6 +402,9 @@ fi
%{_infodir}/bfd*info*
%changelog
* Thu Aug 31 2023 liningjie <liningjie@xfusion.com> - 2.37-21
- fix CVE-2022-48064
* Wed Aug 30 2023 eastb233 <xiezhiheng@huawei.com> - 2.37-20
- fix CVE-2023-1972