import-layers/yocto-poky/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_5.patch - openbmc/openbmc - Gitiles

 From 7211ae501eb0de1044983f2dfb00091a58fbd66c Mon Sep 17 00:00:00 2001
 From: Alan Modra <amodra@gmail.com>
 Date: Tue, 27 Jun 2017 09:45:04 +0930
 Subject: [PATCH] More fixes for bfd_get_section_contents change

 	PR binutils/21665
 	* libbfd.c (_bfd_generic_get_section_contents): Delete abort.
 	Use unsigned file pointer type, and remove cast.
 	* libbfd.c (_bfd_generic_get_section_contents_in_window): Likewise.
 	Add "count", not "sz".

 Upstream-Status: Backport
 CVE: CVE-2017-9955 #5
 Signed-off-by: Armin Kuster <akuster@mvista.com>

 ---
  bfd/ChangeLog |  8 ++++++++
  bfd/libbfd.c  | 18 ++++--------------
  2 files changed, 12 insertions(+), 14 deletions(-)

 Index: git/bfd/ChangeLog
 ===================================================================
 --- git.orig/bfd/ChangeLog
 +++ git/bfd/ChangeLog
 @@ -1,3 +1,11 @@
 +2017-06-27  Alan Modra  <amodra@gmail.com>
 +
 +	PR binutils/21665
 +	* libbfd.c (_bfd_generic_get_section_contents): Delete abort.
 +	Use unsigned file pointer type, and remove cast.
 +	* libbfd.c (_bfd_generic_get_section_contents_in_window): Likewise.
 +	Add "count", not "sz".
 +
  2017-06-26  Pedro Alves  <palves@redhat.com>

  	PR binutils/21665
 Index: git/bfd/libbfd.c
 ===================================================================
 --- git.orig/bfd/libbfd.c
 +++ git/bfd/libbfd.c
 @@ -780,7 +780,7 @@ _bfd_generic_get_section_contents (bfd *
  				   bfd_size_type count)
  {
    bfd_size_type sz;
 -  file_ptr filesz;
 +  ufile_ptr filesz;
    if (count == 0)
      return TRUE;

 @@ -804,14 +804,9 @@ _bfd_generic_get_section_contents (bfd *
    else
      sz = section->size;
    filesz = bfd_get_file_size (abfd);
 -  if (filesz < 0)
 -    {
 -      /* This should never happen.  */
 -      abort ();
 -    }
    if (offset + count < count
        || offset + count > sz
 -      || (section->filepos + offset + count) > (bfd_size_type) filesz)
 +      || section->filepos + offset + count > filesz)
      {
        bfd_set_error (bfd_error_invalid_operation);
        return FALSE;
 @@ -834,7 +829,7 @@ _bfd_generic_get_section_contents_in_win
  {
  #ifdef USE_MMAP
    bfd_size_type sz;
 -  file_ptr filesz;
 +  ufile_ptr filesz;

    if (count == 0)
      return TRUE;
 @@ -868,13 +863,8 @@ _bfd_generic_get_section_contents_in_win
    else
      sz = section->size;
    filesz = bfd_get_file_size (abfd);
 -  if (filesz < 0)
 -    {
 -      /* This should never happen.  */
 -      abort ();
 -    }
    if (offset + count > sz
 -      || (section->filepos + offset + sz) > (bfd_size_type) filesz
 +      || section->filepos + offset + count > filesz
        || ! bfd_get_file_window (abfd, section->filepos + offset, count, w,
  				TRUE))
      return FALSE;
	From 7211ae501eb0de1044983f2dfb00091a58fbd66c Mon Sep 17 00:00:00 2001
	From: Alan Modra <amodra@gmail.com>
	Date: Tue, 27 Jun 2017 09:45:04 +0930
	Subject: [PATCH] More fixes for bfd_get_section_contents change

	PR binutils/21665
	* libbfd.c (_bfd_generic_get_section_contents): Delete abort.
	Use unsigned file pointer type, and remove cast.
	* libbfd.c (_bfd_generic_get_section_contents_in_window): Likewise.
	Add "count", not "sz".

	Upstream-Status: Backport
	CVE: CVE-2017-9955 #5
	Signed-off-by: Armin Kuster <akuster@mvista.com>

	---
	bfd/ChangeLog \| 8 ++++++++
	bfd/libbfd.c \| 18 ++++--------------
	2 files changed, 12 insertions(+), 14 deletions(-)

	Index: git/bfd/ChangeLog
	===================================================================
	--- git.orig/bfd/ChangeLog
	+++ git/bfd/ChangeLog
	@@ -1,3 +1,11 @@
	+2017-06-27 Alan Modra <amodra@gmail.com>
	+
	+ PR binutils/21665
	+ * libbfd.c (_bfd_generic_get_section_contents): Delete abort.
	+ Use unsigned file pointer type, and remove cast.
	+ * libbfd.c (_bfd_generic_get_section_contents_in_window): Likewise.
	+ Add "count", not "sz".
	+
	2017-06-26 Pedro Alves <palves@redhat.com>

	PR binutils/21665
	Index: git/bfd/libbfd.c
	===================================================================
	--- git.orig/bfd/libbfd.c
	+++ git/bfd/libbfd.c
	@@ -780,7 +780,7 @@ _bfd_generic_get_section_contents (bfd *
	bfd_size_type count)
	{
	bfd_size_type sz;
	- file_ptr filesz;
	+ ufile_ptr filesz;
	if (count == 0)
	return TRUE;

	@@ -804,14 +804,9 @@ _bfd_generic_get_section_contents (bfd *
	else
	sz = section->size;
	filesz = bfd_get_file_size (abfd);
	- if (filesz < 0)
	- {
	- /* This should never happen. */
	- abort ();
	- }
	if (offset + count < count
	\|\| offset + count > sz
	- \|\| (section->filepos + offset + count) > (bfd_size_type) filesz)
	+ \|\| section->filepos + offset + count > filesz)
	{
	bfd_set_error (bfd_error_invalid_operation);
	return FALSE;
	@@ -834,7 +829,7 @@ _bfd_generic_get_section_contents_in_win
	{
	#ifdef USE_MMAP
	bfd_size_type sz;
	- file_ptr filesz;
	+ ufile_ptr filesz;

	if (count == 0)
	return TRUE;
	@@ -868,13 +863,8 @@ _bfd_generic_get_section_contents_in_win
	else
	sz = section->size;
	filesz = bfd_get_file_size (abfd);
	- if (filesz < 0)
	- {
	- /* This should never happen. */
	- abort ();
	- }
	if (offset + count > sz
	- \|\| (section->filepos + offset + sz) > (bfd_size_type) filesz
	+ \|\| section->filepos + offset + count > filesz
	\|\| ! bfd_get_file_window (abfd, section->filepos + offset, count, w,
	TRUE))
	return FALSE;