rpms / binutils

Clone
Source Code
GIT

Blame SOURCES/binutils-CVE-2018-10372.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8-sig-altarch-armhfp c8s c9 c9-beta
  1.   3a14e4511260e3cb8fa0fe5ef9f0854b95753393
  2.   SOURCES
  3.   binutils-CVE-2018-10372.patch
Blob History Raw
6cffa7 
--- binutils.orig/binutils/dwarf.c	2018-05-01 11:42:02.656431736 +0100
6cffa7 
+++ binutils-2.30/binutils/dwarf.c	2018-05-01 11:43:24.210383020 +0100
6cffa7 
@@ -9244,7 +9244,18 @@ process_cu_tu_index (struct dwarf_sectio
6cffa7 
 		}
6cffa7
6cffa7 
 	      if (!do_display)
6cffa7 
-		memcpy (&this_set[row - 1].signature, ph, sizeof (uint64_t));
6cffa7 
+		{
6cffa7 
+		  size_t num_copy = sizeof (uint64_t);
6cffa7 
+
6cffa7 
+		  /* PR 23064: Beware of buffer overflow.  */
6cffa7 
+		  if (ph + num_copy < limit)
6cffa7 
+		    memcpy (&this_set[row - 1].signature, ph, num_copy);
6cffa7 
+		  else
6cffa7 
+		    {
6cffa7 
+		      warn (_("Signature (%p) extends beyond end of space in section\n"), ph);
6cffa7 
+		      return 0;
6cffa7 
+		    }
6cffa7 
+		}
6cffa7
6cffa7 
 	      prow = poffsets + (row - 1) * ncols * 4;
6cffa7 
 	      /* PR 17531: file: b8ce60a8.  */

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation