From 5e53841477b19d41616b3de11f8827ecf49ac85c Mon Sep 17 00:00:00 2001
From: yahmad <yahmad@redhat.com>
Date: Thu, 17 Nov 2022 16:06:53 +0100
Subject: [PATCH] - Fic configuration of s390x binutils so that it does not
 include support for extraneous targets. (#2139143) - Fix readelf's decoding
 of files with no sections.  (#2131609) - Stop potential infinite loop in the
 binutils DWARF parser.  (#2122675)

NOTE: Getting back in sync. Previous commit was done by mistake.
(commit f3e2e5419db81abb950d61ee197d1afcc910a0cc)
---
 binutils-readelf-no-sections.patch | 29 +++++++++++++++++++++++++++
 binutils.spec                      | 32 ++++++++++++++++++++++--------
 2 files changed, 53 insertions(+), 8 deletions(-)
 create mode 100644 binutils-readelf-no-sections.patch

diff --git a/binutils-readelf-no-sections.patch b/binutils-readelf-no-sections.patch
new file mode 100644
index 0000000..728d9c0
--- /dev/null
+++ b/binutils-readelf-no-sections.patch
@@ -0,0 +1,29 @@
+--- binutils.orig/binutils/readelf.c	2022-10-03 13:20:42.707527855 +0100
++++ binutils-2.39/binutils/readelf.c	2022-10-03 13:21:25.785436781 +0100
+@@ -6357,6 +6357,13 @@ get_32bit_section_headers (Filedata * fi
+   /* PR binutils/17531: Cope with unexpected section header sizes.  */
+   if (size == 0 || num == 0)
+     return false;
++
++  /* The section header cannot be at the start of the file - that is
++     where the ELF file header is located.  A file with absolutely no
++     sections in it will use a shoff of 0.  */
++  if (filedata->file_header.e_shoff == 0)
++    return false;
++
+   if (size < sizeof * shdrs)
+     {
+       if (! probe)
+@@ -6421,6 +6428,12 @@ get_64bit_section_headers (Filedata * fi
+   if (size == 0 || num == 0)
+     return false;
+ 
++  /* The section header cannot be at the start of the file - that is
++     where the ELF file header is located.  A file with absolutely no
++     sections in it will use a shoff of 0.  */
++  if (filedata->file_header.e_shoff == 0)
++    return false;
++
+   if (size < sizeof * shdrs)
+     {
+       if (! probe)
diff --git a/binutils.spec b/binutils.spec
index b3b22c2..66cdf4b 100644
--- a/binutils.spec
+++ b/binutils.spec
@@ -39,7 +39,7 @@
 Summary: A GNU collection of binary utilities
 Name: binutils%{?name_cross}%{?_with_debug:-debug}
 Version: 2.37
-Release: 36%{?dist}
+Release: 37%{?dist}
 License: GPLv3+
 URL: https://sourceware.org/binutils
 
@@ -374,6 +374,14 @@ Patch39: binutils-add-splay-tree-for-info_ptr.patch
 # Purpose: Fixing bug 2120752
 # Lifetime: Fixed in 2.39 
 Patch40: binutils-reduce-O-n2-performance-overhead-when-parsing-DWARF.patch
+
+# Purpose:  Stop an infinite loop in the binutils DWARF decoder.  (CVE 2022-38128)
+# Lifetime: Fixed in 2.40
+Patch41: binutils-CVE-38128-dwarf-abbrev-parsing.patch
+
+# Purpose:  Stop readelf from incorrectly decoding ELF files with no sections.
+# Lifetime: Fixed in 2.40
+Patch42: binutils-readelf-no-sections.patch
 #----------------------------------------------------------------------------
 
 Provides: bundled(libiberty)
@@ -629,11 +637,11 @@ CARGS="$CARGS --enable-64-bit-bfd"
 # Also enable the BPF target so that strip will work on BPF files.
 case %{binutils_target} in
     s390*)
-        # FIXME: For some unknown reason settting --enable-targets=x86_64-pep
-        # here breaks the building of GOLD.  I have no idea why, and not enough
-        # knowledge of how gold is configured to fix quickly.  So instead I have
-        # found that supporting "all" targets works.
-	CARGS="$CARGS --enable-targets=all"
+	# Note - The s390-linux target is there so that the GOLD linker will
+	# build.  By default, if configured for just s390x-linux, the GOLD
+	# configure system will only include support for 64-bit targets, but
+	# the s390x gold backend uses both 32-bit and 64-bit templates.
+	CARGS="$CARGS --enable-targets=s390-linux,s390x-linux,x86_64-pep,bpf-unknown-none"
 	;;
     ia64*)
 	CARGS="$CARGS --enable-targets=ia64-linux,x86_64-pep,bpf-unknown-none"
@@ -987,8 +995,16 @@ exit 0
 
 #----------------------------------------------------------------------------
 %changelog
-* Mon Sep 05 2022 Yara Ahmad  <yahmad@redhat.com> - 2.37-36
-- Improving the performance of bfd function lookup_func_by_offset
+* Wed Nov 16 2022 Yara Ahmad <yahmad@redhat.com> - 2.37-37
+- Fic configuration of s390x binutils so that it does not include support for extraneous targets. (#2139143)
+- Fix readelf's decoding of files with no sections.  (#2131609) 
+- Stop potential infinite loop in the binutils DWARF parser.  (#2122675)
+
+NOTE: Getting back in sync. Previous commit was done by mistake. 
+(commit f3e2e5419db81abb950d61ee197d1afcc910a0cc) 
+
+* Wed Sep 07 2022 Yara Ahmad  <yahmad@redhat.com> - 2.37-36
+- Improving the performance of bfd function lookup_func_by_offset 
 
 * Wed Aug 10 2022 Yara Ahmad  <yahmad@redhat.com> - 2.37-35
 - Fixes warning when running strip on an object file  (#2114597)