From 9554a932e9bba6a400e2eb6f84c4018898a7aa5d Mon Sep 17 00:00:00 2001
From: "coadde [Márcio Alexandre Silva Delgado]" <coadde@parabola.nu>
Date: Sun, 30 Nov 2014 13:34:20 -0200
Subject: update cross-binutils

---
 .../binutils-2.24-CVE-2014-8484.patch              | 31 ++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 cross/cross-binutils/binutils-2.24-CVE-2014-8484.patch

(limited to 'cross/cross-binutils/binutils-2.24-CVE-2014-8484.patch')

diff --git a/cross/cross-binutils/binutils-2.24-CVE-2014-8484.patch b/cross/cross-binutils/binutils-2.24-CVE-2014-8484.patch
new file mode 100644
index 000000000..69a5e8506
--- /dev/null
+++ b/cross/cross-binutils/binutils-2.24-CVE-2014-8484.patch
@@ -0,0 +1,31 @@
+--- binutils-2.24/bfd/srec.c	2013-11-04 16:33:37.000000000 +0100
++++ binutils-2.24-1/bfd/srec.c	2014-10-24 21:46:38.973046641 +0200
+@@ -455,7 +455,7 @@
+ 	  {
+ 	    file_ptr pos;
+ 	    char hdr[3];
+-	    unsigned int bytes;
++	    unsigned int bytes, min_bytes;
+ 	    bfd_vma address;
+ 	    bfd_byte *data;
+ 	    unsigned char check_sum;
+@@ -478,6 +478,19 @@
+ 	      }
+ 
+ 	    check_sum = bytes = HEX (hdr + 1);
++	    min_bytes = 3;
++	    if (hdr[0] == '2' || hdr[0] == '8')
++	      min_bytes = 4;
++	    else if (hdr[0] == '3' || hdr[0] == '7')
++	      min_bytes = 5;
++	    if (bytes < min_bytes)
++	      {
++		(*_bfd_error_handler) (_("%B:%d: byte count %d too small\n"),
++				       abfd, lineno, bytes);
++		bfd_set_error (bfd_error_bad_value);
++		goto error_return;
++	      }
++
+ 	    if (bytes * 2 > bufsize)
+ 	      {
+ 		if (buf != NULL)
-- 
cgit v1.2.3-54-g00ecf