Fix potential integer overflow in readelf.

Resolves:  #1740470

binutils-CVE-2019-14444.patch

@@ -0,0 +1,11 @@
+--- binutils.orig/binutils/readelf.c	2019-08-13 10:03:33.518792590 +0100
++++ binutils-2.32/binutils/readelf.c	2019-08-13 10:04:22.885418269 +0100
+@@ -13234,7 +13234,7 @@ apply_relocations (Filedata *
+ 	    }
+ 
+ 	  rloc = start + rp->r_offset;
+-	  if ((rloc + reloc_size) > end || (rloc < start))
++	  if (rloc >= end || (rloc + reloc_size) > end || (rloc < start))
+ 	    {
+ 	      warn (_("skipping invalid relocation offset 0x%lx in section %s\n"),
+ 		    (unsigned long) rp->r_offset,

binutils.spec

@@ -2,7 +2,7 @@
 Summary: A GNU collection of binary utilities
 Name: %{?cross}binutils%{?_with_debug:-debug}
 Version: 2.32
-Release: 23%{?dist}
+Release: 24%{?dist}
 License: GPLv3+
 URL: https://sourceware.org/binutils
 
@@ -252,6 +252,10 @@ Patch27: binutils-CVE-2019-1010204.patch
 # Lifetime: Fixed in 2.33
 Patch28: binutils-CVE-2019-14250.patch
 
+# Purpose: Add check to readelf in order to prevent an integer overflow.
+# Lifetime: Fixed in 2.33
+Patch29: binutils-CVE-2019-14444.patch
+
 #----------------------------------------------------------------------------
 
 Provides: bundled(libiberty)
@@ -406,6 +410,7 @@ Conflicts: gcc-c++ < 4.0.0
 %patch26 -p1
 %patch27 -p1
 %patch28 -p1
+%patch29 -p1
 
 # We cannot run autotools as there is an exact requirement of autoconf-2.59.
 # FIXME - this is no longer true.  Maybe try reinstating autotool use ?
@@ -802,6 +807,9 @@ exit 0
 
 #----------------------------------------------------------------------------
 %changelog
+* Tue Aug 13 2019 Nick Clifton  <nickc@redhat.com> - 2.32-24
+- Fix potential integer overflow in readelf.  (#1740470)
+
 * Fri Aug 09 2019 Nick Clifton  <nickc@redhat.com> - 2.32-23
 - Fix potential integer overflow in GOLD.  (#1739491)