summaryrefslogtreecommitdiffstats
path: root/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-18607.patch
diff options
context:
space:
mode:
Diffstat (limited to 'poky/meta/recipes-devtools/binutils/binutils/CVE-2018-18607.patch')
-rw-r--r--poky/meta/recipes-devtools/binutils/binutils/CVE-2018-18607.patch77
1 files changed, 77 insertions, 0 deletions
diff --git a/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-18607.patch b/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-18607.patch
new file mode 100644
index 000000000..38225d171
--- /dev/null
+++ b/poky/meta/recipes-devtools/binutils/binutils/CVE-2018-18607.patch
@@ -0,0 +1,77 @@
+From 102def4da826b3d9e169741421e5e67e8731909a Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Tue, 23 Oct 2018 18:30:22 +1030
+Subject: [PATCH] PR23805, NULL pointer dereference in elf_link_input_bfd
+
+ PR 23805
+ * elflink.c (elf_link_input_bfd): Don't segfault on finding
+ STT_TLS symbols without any TLS sections. Instead, change the
+ symbol type to STT_NOTYPE.
+
+Upstream-Status: Backport
+CVE: CVE-2018-18606
+Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
+---
+ bfd/ChangeLog | 7 +++++++
+ bfd/elflink.c | 20 ++++++++++++++------
+ 2 files changed, 21 insertions(+), 6 deletions(-)
+
+diff --git a/bfd/ChangeLog b/bfd/ChangeLog
+index da423b1..1f3fc1c 100644
+--- a/bfd/ChangeLog
++++ b/bfd/ChangeLog
+@@ -1,5 +1,12 @@
+ 2018-10-23 Alan Modra <amodra@gmail.com>
+
++ PR 23805
++ * elflink.c (elf_link_input_bfd): Don't segfault on finding
++ STT_TLS symbols without any TLS sections. Instead, change the
++ symbol type to STT_NOTYPE.
++
++2018-10-23 Alan Modra <amodra@gmail.com>
++
+ PR 23806
+ * merge.c (_bfd_add_merge_section): Don't attempt to merge
+ sections with ridiculously large alignments.
+diff --git a/bfd/elflink.c b/bfd/elflink.c
+index c3876cb..87440db 100644
+--- a/bfd/elflink.c
++++ b/bfd/elflink.c
+@@ -10489,8 +10489,11 @@ elf_link_input_bfd (struct elf_final_link_info *flinfo, bfd *input_bfd)
+ if (ELF_ST_TYPE (osym.st_info) == STT_TLS)
+ {
+ /* STT_TLS symbols are relative to PT_TLS segment base. */
+- BFD_ASSERT (elf_hash_table (flinfo->info)->tls_sec != NULL);
+- osym.st_value -= elf_hash_table (flinfo->info)->tls_sec->vma;
++ if (elf_hash_table (flinfo->info)->tls_sec != NULL)
++ osym.st_value -= elf_hash_table (flinfo->info)->tls_sec->vma;
++ else
++ osym.st_info = ELF_ST_INFO (ELF_ST_BIND (osym.st_info),
++ STT_NOTYPE);
+ }
+ }
+
+@@ -11046,12 +11049,17 @@ elf_link_input_bfd (struct elf_final_link_info *flinfo, bfd *input_bfd)
+ sym.st_value += osec->vma;
+ if (ELF_ST_TYPE (sym.st_info) == STT_TLS)
+ {
++ struct elf_link_hash_table *htab
++ = elf_hash_table (flinfo->info);
++
+ /* STT_TLS symbols are relative to PT_TLS
+ segment base. */
+- BFD_ASSERT (elf_hash_table (flinfo->info)
+- ->tls_sec != NULL);
+- sym.st_value -= (elf_hash_table (flinfo->info)
+- ->tls_sec->vma);
++ if (htab->tls_sec != NULL)
++ sym.st_value -= htab->tls_sec->vma;
++ else
++ sym.st_info
++ = ELF_ST_INFO (ELF_ST_BIND (sym.st_info),
++ STT_NOTYPE);
+ }
+ }
+
+--
+2.9.3
OpenPOWER on IntegriCloud