'[OE-core] [PATCH] gcc-9.2: Security fix for CVE-2019-14250'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openembedded-core
Subject:    [OE-core] [PATCH] gcc-9.2: Security fix for CVE-2019-14250
From:       Armin Kuster <akuster808 () gmail ! com>
Date:       2019-08-31 21:15:49
Message-ID: 20190831211549.23729-1-akuster808 () gmail ! com
[Download RAW message or body]

Affects: <= 9.2

Signed-off-by: Armin Kuster <Akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta/recipes-devtools/gcc/gcc-9.2.inc         |  1 +
 .../gcc/gcc-9.2/CVE-2019-14250.patch          | 44 +++++++++++++++++++
 2 files changed, 45 insertions(+)
 create mode 100644 meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch

diff --git a/meta/recipes-devtools/gcc/gcc-9.2.inc \
b/meta/recipes-devtools/gcc/gcc-9.2.inc index 1c3e200dab..01d3bf0f32 100644
--- a/meta/recipes-devtools/gcc/gcc-9.2.inc
+++ b/meta/recipes-devtools/gcc/gcc-9.2.inc
@@ -64,6 +64,7 @@ SRC_URI = "\
            file://0034-fix-segmentation-fault-in-precompiled-header-generat.patch \
            file://0035-Fix-for-testsuite-failure.patch \
            file://0036-Re-introduce-spe-commandline-options.patch \
+           file://CVE-2019-14250.patch \
 "
 S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}"
 SRC_URI[md5sum] = "3818ad8600447f05349098232c2ddc78"
diff --git a/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch \
b/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch new file mode 100644
index 0000000000..65ea34558a
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch
@@ -0,0 +1,44 @@
+From 517b211a3d78366ca8d5929f580e8ca72fd2c004 Mon Sep 17 00:00:00 2001
+From: rguenth <rguenth@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Thu, 25 Jul 2019 10:46:54 +0000
+Subject: [PATCH] 2019-07-25  Richard Biener  <rguenther@suse.de>
+
+	PR lto/90924
+	Backport from mainline
+	2019-07-12  Ren Kimura  <rkx1209dev@gmail.com>
+
+	* simple-object-elf.c (simple_object_elf_match): Check zero value
+	shstrndx.
+
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-9-branch@273793 \
138bc75d-0d04-0410-961f-82ee72b054a4 +
+Upstream-Status: Backport
+Affectes: <  9.2
+CVE: CVE-2019-14250
+Dropped changelog
+Signed-off-by: Armin Kuster <Akustre@mvista.com>
+
+---
+ libiberty/simple-object-elf.c | 8 ++++++++
+ 2 files changed, 17 insertions(+)
+
+Index: gcc-9.2.0/libiberty/simple-object-elf.c
+===================================================================
+--- gcc-9.2.0.orig/libiberty/simple-object-elf.c
++++ gcc-9.2.0/libiberty/simple-object-elf.c
+@@ -557,6 +557,14 @@ simple_object_elf_match (unsigned char h
+       return NULL;
+     }
+ 
++  if (eor->shstrndx == 0)
++    {
++      *errmsg = "invalid ELF shstrndx == 0";
++      *err = 0;
++      XDELETE (eor);
++      return NULL;
++    }
++
+   return (void *) eor;
+ }
+ 
-- 
2.17.1

-- 
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core


[prev in list] [next in list] [prev in thread] [next in thread] 
