fix CVE-2022-4285

(cherry picked from commit 016677203edccacac2d0652a6d241a89de8b0cae)

backport-CVE-2022-4285.patch

@@ -0,0 +1,28 @@
+From: Nick Clifton <nickc@redhat.com>
+Date: Wed, 19 Oct 2022 14:09:12 +0000 (+0100)
+Subject: Fix an illegal memory access when parsing an ELF file containing corrupt symbol versi... 
+X-Git-Tag: gdb-13-branchpoint~796
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70
+
+Fix an illegal memory access when parsing an ELF file containing corrupt symbol version information.
+
+	PR 29699
+	* elf.c (_bfd_elf_slurp_version_tables): Fail if the sh_info field
+	of the section header is zero.
+---
+
+diff --git a/bfd/elf.c b/bfd/elf.c
+index fe00e0f9189..7cd7febcf95 100644
+--- a/bfd/elf.c
++++ b/bfd/elf.c
+@@ -8918,7 +8918,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver)
+ 	  bfd_set_error (bfd_error_file_too_big);
+ 	  goto error_return_verref;
+ 	}
+-      elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_alloc (abfd, amt);
++      if (amt == 0)
++	goto error_return_verref;
++      elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_zalloc (abfd, amt);
+       if (elf_tdata (abfd)->verref == NULL)
+ 	goto error_return_verref;
+ 

binutils.spec

@@ -1,7 +1,7 @@
 Summary: Binary utilities
 Name:    binutils
 Version: 2.37
-Release: 21
+Release: 22
 License: GPLv3+
 URL:     https://sourceware.org/binutils
 
@@ -79,6 +79,7 @@ Patch53: backport-CVE-2022-47696.patch
 Patch54: backport-CVE-2021-46174.patch
 Patch55: backport-CVE-2023-1972.patch
 Patch56: backport-CVE-2022-48064.patch
+Patch57: backport-CVE-2022-4285.patch
 
 Provides: bundled(libiberty)
 
@@ -402,6 +403,9 @@ fi
 %{_infodir}/bfd*info*
 
 %changelog
+* Thu Aug 31 2023 eastb233 <xiezhiheng@huawei.com> -2.37-22
+- fix CVE-2022-4285
+
 * Thu Aug 31 2023 liningjie <liningjie@xfusion.com> - 2.37-21
 - fix CVE-2022-48064