poky/meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch - openbmc/openbmc - Gitiles

 From ab419ddbb2cdd17ca83618990f2cacf904ce1d61 Mon Sep 17 00:00:00 2001
 From: Alan Modra <amodra@gmail.com>
 Date: Tue, 23 Oct 2018 18:29:24 +1030
 Subject: [PATCH] PR23804, buffer overflow in sec_merge_hash_lookup

 	PR 23804
 	* merge.c (_bfd_add_merge_section): Don't attempt to merge
 	sections where size is not a multiple of entsize.

 Upstream-Status: Backport
 CVE: CVE-2018-18605
 Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
 ---
  bfd/ChangeLog | 6 ++++++
  bfd/merge.c   | 3 +++
  2 files changed, 9 insertions(+)

 --- a/bfd/merge.c
 +++ b/bfd/merge.c
 @@ -376,6 +376,9 @@ _bfd_add_merge_section (bfd *abfd, void
        || sec->entsize == 0)
      return TRUE;

 +  if (sec->size % sec->entsize != 0)
 +    return TRUE;
 +
    if ((sec->flags & SEC_RELOC) != 0)
      {
        /* We aren't prepared to handle relocations in merged sections.  */
	From ab419ddbb2cdd17ca83618990f2cacf904ce1d61 Mon Sep 17 00:00:00 2001
	From: Alan Modra <amodra@gmail.com>
	Date: Tue, 23 Oct 2018 18:29:24 +1030
	Subject: [PATCH] PR23804, buffer overflow in sec_merge_hash_lookup

	PR 23804
	* merge.c (_bfd_add_merge_section): Don't attempt to merge
	sections where size is not a multiple of entsize.

	Upstream-Status: Backport
	CVE: CVE-2018-18605
	Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
	---
	bfd/ChangeLog \| 6 ++++++
	bfd/merge.c \| 3 +++
	2 files changed, 9 insertions(+)

	--- a/bfd/merge.c
	+++ b/bfd/merge.c
	@@ -376,6 +376,9 @@ _bfd_add_merge_section (bfd *abfd, void
	\|\| sec->entsize == 0)
	return TRUE;

	+ if (sec->size % sec->entsize != 0)
	+ return TRUE;
	+
	if ((sec->flags & SEC_RELOC) != 0)
	{
	/* We aren't prepared to handle relocations in merged sections. */