Fix buffer overflows when printing translated messages.

Resolves: #1417411
This commit is contained in:
Nick Clifton 2017-01-31 11:48:35 +00:00
parent 4ae66ca2b6
commit 1cd2662020
2 changed files with 43 additions and 1 deletions

View File

@ -0,0 +1,35 @@
diff -rup binutils.orig/ld/ldlang.c binutils-2.27/ld/ldlang.c
--- binutils.orig/ld/ldlang.c 2017-01-31 11:08:03.711398839 +0000
+++ binutils-2.27/ld/ldlang.c 2017-01-31 11:09:31.411347584 +0000
@@ -2034,14 +2034,11 @@ static void
lang_print_asneeded (void)
{
struct asneeded_minfo *m;
- char buf[100];
if (asneeded_list_head == NULL)
return;
- sprintf (buf, _("\nAs-needed library included "
- "to satisfy reference by file (symbol)\n\n"));
- minfo ("%s", buf);
+ minfo (_("\nAs-needed library included to satisfy reference by file (symbol)\n\n"));
for (m = asneeded_list_head; m != NULL; m = m->next)
{
diff -rup binutils.orig/ld/ldmain.c binutils-2.27/ld/ldmain.c
--- binutils.orig/ld/ldmain.c 2017-01-31 11:08:03.874396886 +0000
+++ binutils-2.27/ld/ldmain.c 2017-01-31 11:09:01.393708155 +0000
@@ -840,11 +840,7 @@ add_archive_element (struct bfd_link_inf
if (!header_printed)
{
- char buf[100];
-
- sprintf (buf, _("Archive member included "
- "to satisfy reference by file (symbol)\n\n"));
- minfo ("%s", buf);
+ minfo (_("Archive member included to satisfy reference by file (symbol)\n\n"));
header_printed = TRUE;
}

View File

@ -43,7 +43,7 @@
Summary: A GNU collection of binary utilities
Name: %{?cross}binutils%{?_with_debug:-debug}
Version: 2.27
Release: 14%{?dist}
Release: 15%{?dist}
License: GPLv3+
Group: Development/Tools
URL: http://sources.redhat.com/binutils
@ -94,6 +94,8 @@ Patch21: binutils-2.27-dwarf-parse-speedup.patch
Patch22: binutils-2.27-objdump-improvements.2.patch
# Include the filename concerned in readelf error messages.
Patch23: binutils-2.27-filename-in-error-messages.patch
# Fix a couple of buffer overflows when printing messages in translated strings.
Patch24: binutils-2.27-ld-buffer-overflow.patch
Provides: bundled(libiberty)
@ -242,6 +244,7 @@ using libelf instead of BFD.
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
# We cannot run autotools as there is an exact requirement of autoconf-2.59.
@ -607,6 +610,10 @@ exit 0
%endif # %{isnative}
%changelog
* Tue Jan 31 2017 Nick Clifton <nickc@redhat.com> 2.27-15
- Fix buffer overflows when printing translated messages.
(#1417411)
* Mon Jan 16 2017 Nick Clifton <nickc@redhat.com> 2.27-14
- Include the filename concerned in readelf error messages.
(#1412348)