From 03714f9c021bca9fa83820d0248e16593217ad01 Mon Sep 17 00:00:00 2001 From: Max Rees Date: Mon, 30 Sep 2019 11:51:43 -0500 Subject: system/binutils: patch CVE-2019-14444 (#174) --- system/binutils/APKBUILD | 6 +++++- system/binutils/CVE-2019-14444.patch | 28 ++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 system/binutils/CVE-2019-14444.patch (limited to 'system') diff --git a/system/binutils/APKBUILD b/system/binutils/APKBUILD index 33e6579c0..8304e5c7d 100644 --- a/system/binutils/APKBUILD +++ b/system/binutils/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Adelie Platform Group pkgname=binutils pkgver=2.32 -pkgrel=2 +pkgrel=3 pkgdesc="Tools necessary to build programs" url="https://www.gnu.org/software/binutils/" depends="" @@ -30,6 +30,7 @@ source="https://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz CVE-2019-9077.patch CVE-2019-12972.patch CVE-2019-14250.patch + CVE-2019-14444.patch BTS-170.patch BTS-196.patch " @@ -59,6 +60,8 @@ fi # - CVE-2019-9077 # - CVE-2019-12972 # - CVE-2019-14250 +# 2.32-r3: +# - CVE-2019-14444 build() { local _sysroot=/ @@ -152,5 +155,6 @@ a46b9211608e2f35219b95363a5ba90506742dcb9e4bd4a43915af6c0b3e74bd8339a8318dc2923c c0f50f1a843480f29b3895c8814df9801b9f90260edbaff1831aa5738fedd07a9e6b7a79f5b6f9be34df4954dbf02feb5232ebbecc596277fc2fe63673ed347c CVE-2019-9077.patch 9109a6ff9c55f310f86a1561fe6b404534928d402672490059bbe358f77c0c2a7f73c8b67f0a4450f00ba1776452858b63fa60cf2ec0744104a6b077e8fa3e42 CVE-2019-12972.patch c277202272d9883741c2530a94c6d50d55dd9d0a9efaa43a1f8c9fc7529bd45e635255c0d90035dfc5920d5387010a4259612a4d711260a95d7b3d9fa6500e4f CVE-2019-14250.patch +0942cc1a4c5ec03e931c6ebd15c5d60eae6be48cd0a3d9b7f6356f97361226bb6d53dbdcb01b20efcca0ccaf23764730d9bbad2c1bbe2ea6ca320e43b43b311b CVE-2019-14444.patch d4543d2f77808d317d17a5f0eb9af21540ef8543fceaed4e3524213e31e058333321f3ba3b495199e3b57bfd0c4164929cf679369470389e26871b8895cb0110 BTS-170.patch 9cc17d9fe3fc1351d1f6b4fc1c916254529f3304c95db6f4698b867eeb623210b914dc798fb837eafbad2b287b78b31c4ed5482b3151a2992864da04e1dd5fac BTS-196.patch" diff --git a/system/binutils/CVE-2019-14444.patch b/system/binutils/CVE-2019-14444.patch new file mode 100644 index 000000000..43d4e2a91 --- /dev/null +++ b/system/binutils/CVE-2019-14444.patch @@ -0,0 +1,28 @@ +From e17869db99195849826eaaf5d2d0eb2cfdd7a2a7 Mon Sep 17 00:00:00 2001 +From: Nick Clifton +Date: Mon, 5 Aug 2019 10:40:35 +0100 +Subject: [PATCH] Catch potential integer overflow in readelf when processing + corrupt binaries. + + PR 24829 + * readelf.c (apply_relocations): Catch potential integer overflow + whilst checking reloc location against section size. +--- + binutils/readelf.c | 2 +- + +diff --git a/binutils/readelf.c b/binutils/readelf.c +index b896ad9..e785fde 100644 +--- a/binutils/readelf.c ++++ b/binutils/readelf.c +@@ -13366,7 +13366,7 @@ apply_relocations (Filedata * filedata, + } + + rloc = start + rp->r_offset; +- if ((rloc + reloc_size) > end || (rloc < start)) ++ if (rloc >= end || (rloc + reloc_size) > end || (rloc < start)) + { + warn (_("skipping invalid relocation offset 0x%lx in section %s\n"), + (unsigned long) rp->r_offset, +-- +2.9.3 + -- cgit v1.2.3-60-g2f50