gnu: binutils: Update to 2.29.1.

* gnu/packages/base.scm (binutils): Update to 2.29.1.
[source]: Add patch.
* gnu/packages/patches/binutils-CVE-2017-14729.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
This commit is contained in:
Efraim Flashner 2017-10-02 12:12:58 +03:00
parent b33c255d4d
commit 3097edf549
No known key found for this signature in database
GPG Key ID: 41AAE7DCCA3D8351
3 changed files with 63 additions and 3 deletions

View File

@ -538,6 +538,7 @@ dist_patch_DATA = \
%D%/packages/patches/azr3.patch \
%D%/packages/patches/bash-completion-directories.patch \
%D%/packages/patches/bcftools-regidx-unsigned-char.patch \
%D%/packages/patches/binutils-CVE-2017-14729.patch \
%D%/packages/patches/binutils-ld-new-dtags.patch \
%D%/packages/patches/binutils-loongson-workaround.patch \
%D%/packages/patches/blast+-fix-makefile.patch \

View File

@ -393,15 +393,16 @@ change. GNU make offers many powerful extensions over the standard utility.")
(define-public binutils
(package
(name "binutils")
(version "2.28.1")
(version "2.29.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnu/binutils/binutils-"
version ".tar.bz2"))
(sha256
(base32
"1sj234nd05cdgga1r36zalvvdkvpfbr12g5mir2n8i1dwsdrj939"))
(patches (search-patches "binutils-ld-new-dtags.patch"
"1k2mziqn0pbxpxnkwxrl824xnmivcqdkb0insap71yv92gsdy28m"))
(patches (search-patches "binutils-CVE-2017-14729.patch"
"binutils-ld-new-dtags.patch"
"binutils-loongson-workaround.patch"))))
(build-system gnu-build-system)

View File

@ -0,0 +1,58 @@
https://blogs.gentoo.org/ago/2017/09/25/binutils-heap-based-buffer-overflow-in-_bfd_x86_elf_get_synthetic_symtab-elfxx-x86-c/
this patch is modified slightly to apply to our binutils
From 56933f9e3e90eebf1018ed7417d6c1184b91db6b Mon Sep 17 00:00:00 2001
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Fri, 22 Sep 2017 14:15:40 -0700
Subject: [PATCH] x86: Guard against corrupted PLT
There should be only one entry in PLT for a given symbol. Set howto to
NULL after processing a PLT entry to guard against corrupted PLT so that
the duplicated PLT entries are skipped.
PR binutils/22170
* elf32-i386.c (elf_i386_get_synthetic_symtab): Guard against
corrupted PLT.
* elf64-x86-64.c (elf_x86_64_get_synthetic_symtab): Likewise.
(cherry picked from commit 61e3bf5f83f7e505b6bc51ef65426e5b31e6e360)
---
bfd/ChangeLog | 7 +++++++
bfd/elf32-i386.c | 4 ++++
bfd/elf64-x86-64.c | 4 ++++
3 files changed, 15 insertions(+)
diff --git a/bfd/elf32-i386.c b/bfd/elf32-i386.c
index 9dc2d25..ba50c93 100644
--- a/bfd/elf32-i386.c
+++ b/bfd/elf32-i386.c
@@ -6616,6 +6616,10 @@ bad_return:
size += sizeof ("+0x") - 1 + 8;
n++;
s++;
+ /* There should be only one entry in PLT for a given
+ symbol. Set howto to NULL after processing a PLT
+ entry to guard against corrupted PLT. */
+ p->howto = NULL;
}
offset += plt_entry_size;
}
diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c
index 558db98..d9225ad 100644
--- a/bfd/elf64-x86-64.c
+++ b/bfd/elf64-x86-64.c
@@ -6970,6 +6970,10 @@ bad_return:
size += sizeof ("+0x") - 1 + 8 + 8 * ABI_64_P (abfd);
n++;
s++;
+ /* There should be only one entry in PLT for a given
+ symbol. Set howto to NULL after processing a PLT
+ entry to guard against corrupted PLT. */
+ p->howto = NULL;
}
offset += plt_entry_size;
}
--
2.9.3