!113 Fix CVE-2021-42574

Merge pull request !113 from panxh_purple/openEuler-22.03-LTS-Next
2022-01-21 02:46:59 +00:00 · 2022-01-21 02:46:59 +00:00 · e77873c5c2
commit e77873c5c2
parent b3a4c8be77 33ff95a283
4 changed files with 2220 additions and 1 deletions
--- a/backport-0001-CVE-2021-42574.patch
+++ b/backport-0001-CVE-2021-42574.patch
--- a/backport-0002-CVE-2021-42574.patch
+++ b/backport-0002-CVE-2021-42574.patch
@ -0,0 +1,194 @@
+From 795588aec4f894206863c938bd6d716895886009 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Pekka=20Sepp=C3=A4nen?= <pexu@sourceware.mail.kapsi.fi>
+Date: Wed, 10 Nov 2021 20:15:19 +1030
+Subject: [PATCH] PR28575, readelf.c and strings.c use undefined type uint
+
+Since --unicode support (commit b3aa80b45c4) both binutils/readelf.c
+and binutils/strings.c use 'uint' in a few locations.  It likely
+should be 'unsigned int' since there isn't anything defining 'uint'
+within binutils (besides zlib) and AFAIK it isn't a standard type.
+
+	* readelf.c (print_symbol): Replace uint with unsigned int.
+	* strings.c (string_min, display_utf8_char): Likewise.
+	(print_unicode_stream_body, print_unicode_stream): Likewise.
+	(print_strings): Likewise.
+	(get_unicode_byte): Wrap long line.
+---
+ binutils/readelf.c |  4 ++--
+ binutils/strings.c | 41 ++++++++++++++++++++++-------------------
+ 2 files changed, 24 insertions(+), 21 deletions(-)
+
+diff --git a/binutils/readelf.c b/binutils/readelf.c
+index c71d542f051b..5a87728d3e98 100644
+--- a/binutils/readelf.c
+++ b/binutils/readelf.c
+@@ -702,7 +702,7 @@ print_symbol (signed int width, const char * symbol)
+ 	  /* Display unicode characters as something else.  */
+ 	  unsigned char bytes[4];
+ 	  bool          is_utf8;
+-	  uint          nbytes;
+	  unsigned int  nbytes;
+ 
+ 	  bytes[0] = c;
+ 
+@@ -767,7 +767,7 @@ print_symbol (signed int width, const char * symbol)
+ 
+ 	  if (unicode_display == unicode_hex || ! is_utf8)
+ 	    {
+-	      uint i;
+	      unsigned int i;
+ 
+ 	      if (width_remaining < (nbytes * 2) + 2)
+ 		break;
+diff --git a/binutils/strings.c b/binutils/strings.c
+index e8649a80d6a7..13db60f57a57 100644
+--- a/binutils/strings.c
+++ b/binutils/strings.c
+@@ -57,7 +57,7 @@
+ 
+   --unicode={default|locale|invalid|hex|escape|highlight}
+   -u {d|l|i|x|e|h}
+-                Determine how to handle UTF-8 unicode characters.  The default
+		Determine how to handle UTF-8 unicode characters.  The default
+ 		is no special treatment.  All other versions of this option
+ 		only apply if the encoding is valid and enabling the option
+ 		implies --encoding=S.
+@@ -123,7 +123,7 @@ extern int errno;
+ static int address_radix;
+ 
+ /* Minimum length of sequence of graphic chars to trigger output.  */
+-static uint string_min;
+static unsigned int string_min;
+ 
+ /* Whether or not we include all whitespace as a graphic char.   */
+ static bool include_all_whitespace;
+@@ -272,7 +272,7 @@ main (int argc, char **argv)
+ 
+ 	case 's':
+ 	  output_separator = optarg;
+-          break;
+	  break;
+ 
+ 	case 'U':
+ 	  if (streq (optarg, "default") || streq (optarg, "d"))
+@@ -677,7 +677,7 @@ is_valid_utf8 (const unsigned char * buffer, unsigned long buflen)
+ 
+   if ((buffer[2] & 0xc0) != 0x80)
+     return 0;
+-  
+
+   if ((buffer[0] & 0x10) == 0)
+     return 3;
+ 
+@@ -694,11 +694,11 @@ is_valid_utf8 (const unsigned char * buffer, unsigned long buflen)
+    of unicode_display.  The character is known to be valid.
+    Returns the number of bytes consumed.  */
+ 
+-static uint
+static unsigned int
+ display_utf8_char (const unsigned char * buffer)
+ {
+-  uint j;
+-  uint utf8_len;
+  unsigned int j;
+  unsigned int utf8_len;
+ 
+   switch (buffer[0] & 0x30)
+     {
+@@ -712,7 +712,7 @@ display_utf8_char (const unsigned char * buffer)
+     default:
+       utf8_len = 4;
+     }
+-      
+
+   switch (unicode_display)
+     {
+     default:
+@@ -728,7 +728,7 @@ display_utf8_char (const unsigned char * buffer)
+ 	{
+ 	case 2:
+ 	  printf ("\\u%02x%02x",
+-		  ((buffer[0] & 0x1c) >> 2), 
+		  ((buffer[0] & 0x1c) >> 2),
+ 		  ((buffer[0] & 0x03) << 6) | (buffer[1] & 0x3f));
+ 	  break;
+ 
+@@ -857,7 +857,7 @@ print_unicode_buffer (const char *            filename,
+     return;
+ 
+   print_filename_and_address (filename, address + start_point);
+-  
+
+   /* We have found string_min characters.  Display them and any
+      more that follow.  */
+   for (i = start_point; i < buflen; i += char_len)
+@@ -888,7 +888,10 @@ print_unicode_buffer (const char *            filename,
+ }
+ 
+ static int
+-get_unicode_byte (FILE * stream, unsigned char * putback, uint * num_putback, uint * num_read)
+get_unicode_byte (FILE *          stream,
+		  unsigned char * putback,
+		  unsigned int *  num_putback,
+		  unsigned int *  num_read)
+ {
+   if (* num_putback > 0)
+     {
+@@ -912,7 +915,7 @@ print_unicode_stream_body (const char *     filename,
+ 			   file_ptr         address,
+ 			   FILE *           stream,
+ 			   unsigned char *  putback_buf,
+-			   uint             num_putback,
+			   unsigned int     num_putback,
+ 			   unsigned char *  print_buf)
+ {
+   /* It would be nice if we could just read the stream into a buffer
+@@ -921,9 +924,9 @@ print_unicode_stream_body (const char *     filename,
+      we go one byte at a time...  */
+ 
+   file_ptr start_point = 0;
+-  uint num_read = 0;
+-  uint num_chars = 0;
+-  uint num_print = 0;
+  unsigned int num_read = 0;
+  unsigned int num_chars = 0;
+  unsigned int num_print = 0;
+   int c = 0;
+ 
+   /* Find a series of string_min characters.  Put them into print_buf.  */
+@@ -1064,7 +1067,7 @@ print_unicode_stream_body (const char *     filename,
+ 
+       print_filename_and_address (filename, address + start_point);
+ 
+-      uint i;
+      unsigned int i;
+       for (i = 0; i < num_print;)
+ 	{
+ 	  if (print_buf[i] < 127)
+@@ -1075,7 +1078,7 @@ print_unicode_stream_body (const char *     filename,
+ 
+       /* OK so now we have to start read unchecked bytes.  */
+ 
+-        /* Find a series of string_min characters.  Put them into print_buf.  */
+      /* Find a series of string_min characters.  Put them into print_buf.  */
+       do
+ 	{
+ 	  c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read);
+@@ -1213,7 +1216,7 @@ print_unicode_stream (const char * filename,
+   unsigned char * print_buf = xmalloc ((4 * string_min) + 1);
+   /* We should never have to put back more than 4 bytes.  */
+   unsigned char putback_buf[5];
+-  uint num_putback = 0;
+  unsigned int num_putback = 0;
+ 
+   print_unicode_stream_body (filename, address, stream, putback_buf, num_putback, print_buf);
+   free (print_buf);
+@@ -1250,7 +1253,7 @@ print_strings (const char *filename, FILE *stream, file_ptr address,
+   while (1)
+     {
+       file_ptr start;
+-      uint i;
+      unsigned int i;
+       long c;
+ 
+       /* See if the next `string_min' chars are all graphic chars.  */
--- a/backport-0003-CVE-2021-42574.patch
+++ b/backport-0003-CVE-2021-42574.patch
@ -0,0 +1,33 @@
+From 584294c4066d0101161e4e04744a46cce7a7863e Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Mon, 29 Nov 2021 15:37:24 +0000
+Subject: [PATCH] strings: Replace references to -u option with references to
+ -U.
+
+	PR 28632
+---
+ binutils/strings.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/binutils/strings.c b/binutils/strings.c
+index f594299939f9..f85cb03406c9 100644
+--- a/binutils/strings.c
+++ b/binutils/strings.c
+@@ -57,7 +57,7 @@
+ 		Specify a non-default object file format.
+ 
+   --unicode={default|locale|invalid|hex|escape|highlight}
+-  -u {d|l|i|x|e|h}
+  -U {d|l|i|x|e|h}
+ 		Determine how to handle UTF-8 unicode characters.  The default
+ 		is no special treatment.  All other versions of this option
+ 		only apply if the encoding is valid and enabling the option
+@@ -1333,7 +1333,7 @@ usage (FILE *stream, int status)
+   -e --encoding={s,S,b,l,B,L} Select character size and endianness:\n\
+                             s = 7-bit, S = 8-bit, {b,l} = 16-bit, {B,L} = 32-bit\n\
+   --unicode={default|show|invalid|hex|escape|highlight}\n\
+-  -u {d|s|i|x|e|h}          Specify how to treat UTF-8 encoded unicode characters\n\
+  -U {d|s|i|x|e|h}          Specify how to treat UTF-8 encoded unicode characters\n\
+   -s --output-separator=<string> String used to separate strings in output.\n\
+   @<file>                   Read options from <file>\n\
+   -h --help                 Display this information\n\
--- a/binutils.spec
+++ b/binutils.spec
@ -1,7 +1,7 @@
 Summary: Binary utilities
 Name:    binutils
 Version: 2.37
-Release: 2
+Release: 3
 License: GPLv3+
 URL:     https://sourceware.org/binutils

@ -26,6 +26,9 @@ Patch4:  CVE-2019-1010204.patch

 Patch5:  Fix-a-potential-use-of-an-uninitialised-value-in-the.patch
 Patch6:  backport-CVE-2021-45078.patch
+Patch7:  backport-0001-CVE-2021-42574.patch
+Patch8:  backport-0002-CVE-2021-42574.patch
+Patch9:  backport-0003-CVE-2021-42574.patch

 Provides: bundled(libiberty)

@ -348,6 +351,12 @@ fi
 %{_infodir}/bfd*info*

 %changelog
+* Wed Jan 19 2022 panxiaohe <panxiaohe@huawei.com> - 2.37-3
+- Type:CVE
+- ID:CVE-2021-42574
+- SUG:NA
+- DESC:Fix CVE-2021-42574
+
 * Fri Dec 24 2021 yangzhuangzhuang <yangzhuangzhuang1@huawei.com> - 2.37-2
 - Type:CVE
 - ID:CVE-2021-45078