diff options
author | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2023-09-22 23:51:50 -0500 |
---|---|---|
committer | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2023-10-03 21:56:52 -0500 |
commit | 2c9ea8d0ea3c4510b5a4c9314c84c4444c933726 (patch) | |
tree | 856b85bc2e61dd819f3e9a77d2331338cf290561 /system/binutils/CVE-2019-17451.patch | |
parent | b7807f42fbd231b0783eb0d26fd60b63153ca6d9 (diff) | |
download | packages-2c9ea8d0ea3c4510b5a4c9314c84c4444c933726.tar.gz packages-2c9ea8d0ea3c4510b5a4c9314c84c4444c933726.tar.bz2 packages-2c9ea8d0ea3c4510b5a4c9314c84c4444c933726.tar.xz packages-2c9ea8d0ea3c4510b5a4c9314c84c4444c933726.zip |
system/binutils: Update to 2.41
* Vastly updated with significant features and target support.
* All tests are enabled now and passing!
Note: ARMv7 tests require the commit directly before this to be applied
to system/gcc.
Fixes: #652, #668, #1070
Diffstat (limited to 'system/binutils/CVE-2019-17451.patch')
-rw-r--r-- | system/binutils/CVE-2019-17451.patch | 38 |
1 files changed, 0 insertions, 38 deletions
diff --git a/system/binutils/CVE-2019-17451.patch b/system/binutils/CVE-2019-17451.patch deleted file mode 100644 index f6af71601..000000000 --- a/system/binutils/CVE-2019-17451.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 336bfbeb1848f4b9558456fdcf283ee8a32d7fd1 Mon Sep 17 00:00:00 2001 -From: Alan Modra <amodra@gmail.com> -Date: Wed, 9 Oct 2019 10:47:13 +1030 -Subject: [PATCH] PR25070, SEGV in function _bfd_dwarf2_find_nearest_line - -Evil testcase with two debug info sections, with sizes of 2aaaabac4ec1 -and ffffd5555453b140 result in a total size of 1. Reading the first -section of course overflows the buffer and tramples on other memory. - - PR 25070 - * dwarf2.c (_bfd_dwarf2_slurp_debug_info): Catch overflow of - total_size calculation. - -diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c -index d39f4fd..88aaa2d 100644 ---- a/bfd/dwarf2.c -+++ b/bfd/dwarf2.c -@@ -4439,7 +4439,16 @@ _bfd_dwarf2_slurp_debug_info (bfd *abfd, bfd *debug_bfd, - for (total_size = 0; - msec; - msec = find_debug_info (debug_bfd, debug_sections, msec)) -- total_size += msec->size; -+ { -+ /* Catch PR25070 testcase overflowing size calculation here. */ -+ if (total_size + msec->size < total_size -+ || total_size + msec->size < msec->size) -+ { -+ bfd_set_error (bfd_error_no_memory); -+ return FALSE; -+ } -+ total_size += msec->size; -+ } - - stash->info_ptr_memory = (bfd_byte *) bfd_malloc (total_size); - if (stash->info_ptr_memory == NULL) --- -2.9.3 - |