diff options
Diffstat (limited to 'extra/elfutils')
-rw-r--r-- | extra/elfutils/CVE-2014-0172.patch | 37 | ||||
-rw-r--r-- | extra/elfutils/PKGBUILD | 16 |
2 files changed, 46 insertions, 7 deletions
diff --git a/extra/elfutils/CVE-2014-0172.patch b/extra/elfutils/CVE-2014-0172.patch new file mode 100644 index 000000000..5f9541d68 --- /dev/null +++ b/extra/elfutils/CVE-2014-0172.patch @@ -0,0 +1,37 @@ +From 7f1eec317db79627b473c5b149a22a1b20d1f68f Mon Sep 17 00:00:00 2001 +From: Mark Wielaard <mjw@redhat.com> +Date: Wed, 9 Apr 2014 11:33:23 +0200 +Subject: [PATCH] CVE-2014-0172 Check for overflow before calling malloc to + uncompress data. + +https://bugzilla.redhat.com/show_bug.cgi?id=1085663 + +Reported-by: Florian Weimer <fweimer@redhat.com> +Signed-off-by: Mark Wielaard <mjw@redhat.com> +diff --git a/libdw/dwarf_begin_elf.c b/libdw/dwarf_begin_elf.c +index 79daeac..34ea373 100644 +--- a/libdw/dwarf_begin_elf.c ++++ b/libdw/dwarf_begin_elf.c +@@ -1,5 +1,5 @@ + /* Create descriptor from ELF descriptor for processing file. +- Copyright (C) 2002-2011 Red Hat, Inc. ++ Copyright (C) 2002-2011, 2014 Red Hat, Inc. + This file is part of elfutils. + Written by Ulrich Drepper <drepper@redhat.com>, 2002. + +@@ -282,6 +282,12 @@ check_section (Dwarf *result, GElf_Ehdr *ehdr, Elf_Scn *scn, bool inscngrp) + memcpy (&size, data->d_buf + 4, sizeof size); + size = be64toh (size); + ++ /* Check for unsigned overflow so malloc always allocated ++ enough memory for both the Elf_Data header and the ++ uncompressed section data. */ ++ if (unlikely (sizeof (Elf_Data) + size < size)) ++ break; ++ + Elf_Data *zdata = malloc (sizeof (Elf_Data) + size); + if (unlikely (zdata == NULL)) + break; +-- +1.9.2 + diff --git a/extra/elfutils/PKGBUILD b/extra/elfutils/PKGBUILD index 78061031b..5d8a51e91 100644 --- a/extra/elfutils/PKGBUILD +++ b/extra/elfutils/PKGBUILD @@ -1,10 +1,10 @@ -# $Id: PKGBUILD 205875 2014-02-12 08:00:43Z lcarlier $ +# $Id: PKGBUILD 211890 2014-04-28 16:31:39Z lcarlier $ # Maintainer: Stéphane Gaudreault <stephane@archlinux.org> # Contributor: Andrej Gelenberg <andrej.gelenberg@udo.edu> pkgname=elfutils pkgver=0.158 -pkgrel=1 +pkgrel=2 pkgdesc="Libraries and utilities to handle ELF object files and DWARF debugging information" arch=('i686' 'x86_64') url="https://fedorahosted.org/elfutils/" @@ -14,15 +14,20 @@ provides=('libelf') replaces=('libelf') conflicts=('libelf') source=(https://fedorahosted.org/releases/e/l/elfutils/${pkgver}/elfutils-${pkgver}.tar.bz2{,.sig} - fix-run-backtrace-native-core-test.patch) + fix-run-backtrace-native-core-test.patch + CVE-2014-0172.patch) options=('staticlibs') sha1sums=('09adbbf0f3a35bb1bcb77c2eaa40de8d3443af4d' - 'SKIP') + 'SKIP' + '8ecef640f3d1229cdf45ffda016a69848c18e61b' + '3e776c07d6ca2c7604a384d266f79c3ece1fb179') prepare() { cd ${pkgname}-${pkgver} patch -Np1 -i ../fix-run-backtrace-native-core-test.patch + # merged upstream + patch -Np1 -i ../CVE-2014-0172.patch } build() { @@ -47,6 +52,3 @@ package() { rm "${pkgdir}"/usr/lib/lib{asm,dw,elf}.a } -sha1sums=('09adbbf0f3a35bb1bcb77c2eaa40de8d3443af4d' - 'SKIP' - '8ecef640f3d1229cdf45ffda016a69848c18e61b') |