elfutils_0.148.bb: CVE-2014-9447 fix
Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9447 (From OE-Core rev: c992868a989926eac6c4b78a6bb9729bce54f2ed) Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
6e02676d2c
commit
86c77aca5b
|
@ -0,0 +1,36 @@
|
|||
From 323ca04a0c9189544075c19b49da67f6443a8950 Mon Sep 17 00:00:00 2001
|
||||
From: Li xin <lixin.fnst@cn.fujitsu.com>
|
||||
Date: Wed, 21 Jan 2015 09:33:38 +0900
|
||||
Subject: [PATCH] elf_begin.c: CVE-2014-9447 fix
|
||||
|
||||
this patch is from:
|
||||
https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e
|
||||
|
||||
Upstream-Status: Backport
|
||||
|
||||
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
|
||||
---
|
||||
libelf/elf_begin.c | 7 ++-----
|
||||
1 file changed, 2 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c
|
||||
index e46add3..e83ba35 100644
|
||||
--- a/libelf/elf_begin.c
|
||||
+++ b/libelf/elf_begin.c
|
||||
@@ -736,11 +736,8 @@ read_long_names (Elf *elf)
|
||||
break;
|
||||
|
||||
/* NUL-terminate the string. */
|
||||
- *runp = '\0';
|
||||
-
|
||||
- /* Skip the NUL byte and the \012. */
|
||||
- runp += 2;
|
||||
-
|
||||
+ *runp++ = '\0';
|
||||
+
|
||||
/* A sanity check. Somebody might have generated invalid
|
||||
archive. */
|
||||
if (runp >= newp + len)
|
||||
--
|
||||
1.8.4.2
|
||||
|
|
@ -8,7 +8,7 @@ DEPENDS = "libtool bzip2 zlib virtual/libintl"
|
|||
|
||||
PR = "r11"
|
||||
|
||||
SRC_URI = "https://fedorahosted.org/releases/e/l/elfutils/elfutils-${PV}.tar.bz2"
|
||||
SRC_URI = "https://fedorahosted.org/releases/e/l/${PN}/${BP}.tar.bz2"
|
||||
|
||||
SRC_URI[md5sum] = "a0bed1130135f17ad27533b0034dba8d"
|
||||
SRC_URI[sha256sum] = "8aebfa4a745db21cf5429c9541fe482729b62efc7e53e9110151b4169fe887da"
|
||||
|
@ -25,14 +25,15 @@ SRC_URI += "\
|
|||
file://m68k_backend.diff \
|
||||
file://testsuite-ignore-elflint.diff \
|
||||
file://elf_additions.diff \
|
||||
file://elfutils-fsize.patch \
|
||||
file://remove-unused.patch \
|
||||
file://mempcpy.patch \
|
||||
file://fix_for_gcc-4.7.patch \
|
||||
file://dso-link-change.patch \
|
||||
file://nm-Fix-size-passed-to-snprintf-for-invalid-sh_name-case.patch \
|
||||
file://elfutils-ar-c-fix-num-passed-to-memset.patch \
|
||||
file://Fix_elf_cvt_gunhash.patch \
|
||||
file://elfutils-fsize.patch \
|
||||
file://remove-unused.patch \
|
||||
file://mempcpy.patch \
|
||||
file://fix_for_gcc-4.7.patch \
|
||||
file://dso-link-change.patch \
|
||||
file://nm-Fix-size-passed-to-snprintf-for-invalid-sh_name-case.patch \
|
||||
file://elfutils-ar-c-fix-num-passed-to-memset.patch \
|
||||
file://Fix_elf_cvt_gunhash.patch \
|
||||
file://elf_begin.c-CVE-2014-9447-fix.patch \
|
||||
"
|
||||
# Only apply when building uclibc based target recipe
|
||||
SRC_URI_append_libc-uclibc = " file://uclibc-support.patch"
|
||||
|
@ -52,9 +53,9 @@ EXTRA_OECONF_append_class-native = " --without-bzlib"
|
|||
EXTRA_OECONF_append_libc-uclibc = " --enable-uclibc"
|
||||
|
||||
do_configure_prepend() {
|
||||
sed -i '/^i386_dis.h:/,+4 {/.*/d}' ${S}/libcpu/Makefile.am
|
||||
sed -i '/^i386_dis.h:/,+4 {/.*/d}' ${S}/libcpu/Makefile.am
|
||||
|
||||
cp ${WORKDIR}/*dis.h ${S}/libcpu
|
||||
cp ${WORKDIR}/*dis.h ${S}/libcpu
|
||||
}
|
||||
|
||||
# we can not build complete elfutils when using uclibc
|
||||
|
|
Loading…
Reference in New Issue