import-layers/yocto-poky/meta/recipes-devtools/binutils/binutils/CVE-2017-8395.patch - openbmc/openbmc - Gitiles

 From e63d123268f23a4cbc45ee55fb6dbc7d84729da3 Mon Sep 17 00:00:00 2001
 From: Nick Clifton <nickc@redhat.com>
 Date: Wed, 26 Apr 2017 13:07:49 +0100
 Subject: [PATCH] Fix seg-fault attempting to compress a debug section in a
  corrupt binary.

 	PR binutils/21431
 	* compress.c (bfd_init_section_compress_status): Check the return
 	value from bfd_malloc.

 Upstream-Status: Backport
 CVE: CVE-2017-8395
 Signed-off-by: Armin Kuster <akuster@mvista.com>

 ---
  bfd/ChangeLog  |  6 ++++++
  bfd/compress.c | 19 +++++++++----------
  2 files changed, 15 insertions(+), 10 deletions(-)

 Index: git/bfd/compress.c
 ===================================================================
 --- git.orig/bfd/compress.c
 +++ git/bfd/compress.c
 @@ -542,7 +542,6 @@ bfd_init_section_compress_status (bfd *a
  {
    bfd_size_type uncompressed_size;
    bfd_byte *uncompressed_buffer;
 -  bfd_boolean ret;

    /* Error if not opened for read.  */
    if (abfd->direction != read_direction
 @@ -558,18 +557,18 @@ bfd_init_section_compress_status (bfd *a
    /* Read in the full section contents and compress it.  */
    uncompressed_size = sec->size;
    uncompressed_buffer = (bfd_byte *) bfd_malloc (uncompressed_size);
 +  /* PR 21431 */
 +  if (uncompressed_buffer == NULL)
 +    return FALSE;
 +
    if (!bfd_get_section_contents (abfd, sec, uncompressed_buffer,
  				 0, uncompressed_size))
 -    ret = FALSE;
 -  else
 -    {
 -      uncompressed_size = bfd_compress_section_contents (abfd, sec,
 -							 uncompressed_buffer,
 -							 uncompressed_size);
 -      ret = uncompressed_size != 0;
 -    }
 +    return FALSE;

 -  return ret;
 +  uncompressed_size = bfd_compress_section_contents (abfd, sec,
 +						     uncompressed_buffer,
 +						     uncompressed_size);
 +  return uncompressed_size != 0;
  }

  /*
 Index: git/bfd/ChangeLog
 ===================================================================
 --- git.orig/bfd/ChangeLog
 +++ git/bfd/ChangeLog
 @@ -1,3 +1,8 @@
 +2017-04-26  Nick Clifton  <nickc@redhat.com>
 +
 +       PR binutils/21431
 +       * compress.c (bfd_init_section_compress_status): Check the return
 +       value from bfd_malloc.

  2017-04-23  Alan Modra  <amodra@gmail.com>
         PR 21414
	From e63d123268f23a4cbc45ee55fb6dbc7d84729da3 Mon Sep 17 00:00:00 2001
	From: Nick Clifton <nickc@redhat.com>
	Date: Wed, 26 Apr 2017 13:07:49 +0100
	Subject: [PATCH] Fix seg-fault attempting to compress a debug section in a
	corrupt binary.

	PR binutils/21431
	* compress.c (bfd_init_section_compress_status): Check the return
	value from bfd_malloc.

	Upstream-Status: Backport
	CVE: CVE-2017-8395
	Signed-off-by: Armin Kuster <akuster@mvista.com>

	---
	bfd/ChangeLog \| 6 ++++++
	bfd/compress.c \| 19 +++++++++----------
	2 files changed, 15 insertions(+), 10 deletions(-)

	Index: git/bfd/compress.c
	===================================================================
	--- git.orig/bfd/compress.c
	+++ git/bfd/compress.c
	@@ -542,7 +542,6 @@ bfd_init_section_compress_status (bfd *a
	{
	bfd_size_type uncompressed_size;
	bfd_byte *uncompressed_buffer;
	- bfd_boolean ret;

	/* Error if not opened for read. */
	if (abfd->direction != read_direction
	@@ -558,18 +557,18 @@ bfd_init_section_compress_status (bfd *a
	/* Read in the full section contents and compress it. */
	uncompressed_size = sec->size;
	uncompressed_buffer = (bfd_byte *) bfd_malloc (uncompressed_size);
	+ /* PR 21431 */
	+ if (uncompressed_buffer == NULL)
	+ return FALSE;
	+
	if (!bfd_get_section_contents (abfd, sec, uncompressed_buffer,
	0, uncompressed_size))
	- ret = FALSE;
	- else
	- {
	- uncompressed_size = bfd_compress_section_contents (abfd, sec,
	- uncompressed_buffer,
	- uncompressed_size);
	- ret = uncompressed_size != 0;
	- }
	+ return FALSE;

	- return ret;
	+ uncompressed_size = bfd_compress_section_contents (abfd, sec,
	+ uncompressed_buffer,
	+ uncompressed_size);
	+ return uncompressed_size != 0;
	}

	/*
	Index: git/bfd/ChangeLog
	===================================================================
	--- git.orig/bfd/ChangeLog
	+++ git/bfd/ChangeLog
	@@ -1,3 +1,8 @@
	+2017-04-26 Nick Clifton <nickc@redhat.com>
	+
	+ PR binutils/21431
	+ * compress.c (bfd_init_section_compress_status): Check the return
	+ value from bfd_malloc.

	2017-04-23 Alan Modra <amodra@gmail.com>
	PR 21414