diff --git a/binutils-CVE-2023-1972.patch b/binutils-CVE-2023-1972.patch new file mode 100644 index 0000000..dd637fc --- /dev/null +++ b/binutils-CVE-2023-1972.patch @@ -0,0 +1,20 @@ +--- binutils.orig/bfd/elf.c 2023-04-17 16:26:08.720347439 +0100 ++++ binutils-2.40/bfd/elf.c 2023-04-17 16:28:03.286317601 +0100 +@@ -9050,6 +9050,8 @@ _bfd_elf_slurp_version_tables (bfd *abfd + bfd_set_error (bfd_error_file_too_big); + goto error_return_verdef; + } ++ if (amt == 0) ++ goto error_return_verdef; + elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt); + if (elf_tdata (abfd)->verdef == NULL) + goto error_return_verdef; +@@ -9153,6 +9155,8 @@ _bfd_elf_slurp_version_tables (bfd *abfd + bfd_set_error (bfd_error_file_too_big); + goto error_return; + } ++ if (amt == 0) ++ goto error_return; + elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt); + if (elf_tdata (abfd)->verdef == NULL) + goto error_return; diff --git a/binutils-gold-empty-dwp.patch b/binutils-gold-empty-dwp.patch new file mode 100644 index 0000000..b716565 --- /dev/null +++ b/binutils-gold-empty-dwp.patch @@ -0,0 +1,11 @@ +--- binutils.orig/gold/dwp.cc 2023-05-02 13:26:44.075148082 +0100 ++++ binutils-2.40/gold/dwp.cc 2023-05-02 13:27:16.189130127 +0100 +@@ -2418,6 +2418,8 @@ main(int argc, char** argv) + { + Dwo_file exe_file(exe_filename); + exe_file.read_executable(&files); ++ if (files.empty()) ++ gold_fatal(_("Could not find any dwo links in specified EXE")); + } + + // Add any additional files listed on command line. diff --git a/binutils-reloc-symtab.patch b/binutils-reloc-symtab.patch new file mode 100644 index 0000000..d217306 --- /dev/null +++ b/binutils-reloc-symtab.patch @@ -0,0 +1,50 @@ +--- binutils.orig/bfd/elf.c 2023-03-30 10:01:40.824181703 +0100 ++++ binutils-2.40/bfd/elf.c 2023-03-30 10:02:23.103135337 +0100 +@@ -3877,21 +3877,23 @@ assign_section_numbers (bfd *abfd, struc + { + case SHT_REL: + case SHT_RELA: +- /* A reloc section which we are treating as a normal BFD +- section. sh_link is the section index of the symbol +- table. sh_info is the section index of the section to +- which the relocation entries apply. We assume that an +- allocated reloc section uses the dynamic symbol table +- if there is one. Otherwise we guess the normal symbol +- table. FIXME: How can we be sure? */ +- if (d->this_hdr.sh_link == 0 && (sec->flags & SEC_ALLOC) != 0) ++ /* sh_link is the section index of the symbol table. ++ sh_info is the section index of the section to which the ++ relocation entries apply. */ ++ if (d->this_hdr.sh_link == 0) + { +- s = bfd_get_section_by_name (abfd, ".dynsym"); +- if (s != NULL) +- d->this_hdr.sh_link = elf_section_data (s)->this_idx; ++ /* FIXME maybe: If this is a reloc section which we are ++ treating as a normal section then we likely should ++ not be assuming its sh_link is .dynsym or .symtab. */ ++ if ((sec->flags & SEC_ALLOC) != 0) ++ { ++ s = bfd_get_section_by_name (abfd, ".dynsym"); ++ if (s != NULL) ++ d->this_hdr.sh_link = elf_section_data (s)->this_idx; ++ } ++ else ++ d->this_hdr.sh_link = elf_onesymtab (abfd); + } +- if (d->this_hdr.sh_link == 0) +- d->this_hdr.sh_link = elf_onesymtab (abfd); + + s = elf_get_reloc_section (sec); + if (s != NULL) +--- binutils.orig/binutils/objcopy.c 2023-03-30 10:01:41.063181441 +0100 ++++ binutils-2.40/binutils/objcopy.c 2023-03-30 12:25:41.439108276 +0100 +@@ -2256,7 +2256,7 @@ merge_gnu_build_notes (bfd * ab + { + if (pnote->note.namedata[4] == '2') + ++ version_2_seen; +- else if (pnote->note.namedata[4] == '3') ++ else if (pnote->note.namedata[4] == '3' || pnote->note.namedata[4] == '4') + ++ version_3_seen; + else + { diff --git a/binutils.spec b/binutils.spec index 3640de8..9e09248 100644 --- a/binutils.spec +++ b/binutils.spec @@ -2,7 +2,7 @@ Summary: A GNU collection of binary utilities Name: binutils%{?_with_debug:-debug} Version: 2.40 -Release: 5.rvre0%{?dist} +Release: 8%{?dist} License: GPLv3+ URL: https://sourceware.org/binutils @@ -261,10 +261,24 @@ Patch17: binutils-update-linker-manual.patch # Lifetime: Fixed in 2.41 Patch18: binutils-objcopy-note-merge-speedup.patch -# # Purpose: Fix testsuite failures due to the patches applied here. -# # Lifetime: Permanent, but varying with each new rebase. +# Purpose: Fix testsuite failures due to the patches applied here. +# Lifetime: Permanent, but varying with each new rebase. Patch19: binutils-testsuite-fixes.patch +# Purpose: Stop the linker from associating allocated reloc sections with +# the .symtab section , which prevents it from being stripped. +# Lifetime: Fixed in 2.41 +Patch20: binutils-reloc-symtab.patch + +# Purpose: Stop an illegal memory access in the BFD library when loading +# a file with corrupt symbol version information. +# Lifetime: Fixed in 2.41 +Patch21: binutils-CVE-2023-1972.patch + +# Purpose: Stop an abort when using dwp to process a file with no dwo links. +# Lifetime: Fixed in 2.41 (maybe) +Patch22: binutils-gold-empty-dwp.patch + #---------------------------------------------------------------------------- Provides: bundled(libiberty) @@ -416,7 +430,7 @@ linker, and it may become deprecated in the future. %package gprofng Summary: Next Generating code profiling tool Provides: gprofng = %{version}-%{release} -Requires: binutils >= %{version} +Requires: binutils = %{version}-%{release} %description gprofng GprofNG is the GNU Next Generation Profiler for analyzing the performance @@ -522,7 +536,7 @@ done # The -print is there just to confirm that the command is working. %if %{without docs} find . -name *.info -print -exec touch {} \; -%esle +%else # If we are creating the docs, touch the texi files so that the info and # man pages will be rebuilt. find . -name *.texi -print -exec touch {} \; @@ -764,9 +778,19 @@ run_tests() %endif pushd build-$target + + # FIXME: I have not been able to find a way to capture a "failed" return + # value from "make check" without having it also stop the build. So in + # order to obtain the logs from the test runs if a check fails I have to + # run the tests twice. Once to generate the logs and then a second time + # to generate the correct exit code. + + echo ================ $target == TEST RUN 1 ============================= + + # Run the tests and accumulate the logs - but ignore failures... if test x$native == x1 ; then - make -k check-gas check-binutils check-ld < /dev/null + make -k check-gas check-binutils check-ld < /dev/null || : %if %{with gold} # The GOLD testsuite always returns an error code, even if no tests fail. make -k check-gold < /dev/null || : @@ -776,8 +800,6 @@ run_tests() make -k check-gas check-binutils < /dev/null || : fi - echo ================ $target == TESTING BEGINS ======================== - for f in {gas/testsuite/gas,ld/ld,binutils/binutils}.sum do if [ -f $f ]; then @@ -794,8 +816,6 @@ run_tests() fi %endif - echo ================ $target == TESTING END =========================== - for file in {gas/testsuite/gas,ld/ld,binutils/binutils}.{sum,log} do if [ -f $file ]; then @@ -815,6 +835,18 @@ run_tests() fi %endif + echo ================ $target == TEST RUN 2 ============================= + + # Run the tests and this time fail if there are any errors. + + if test x$native == x1 ; then + make -k check-gas check-binutils check-ld < /dev/null + # Ignore the gold tests - they always fail + else + # Do not try running linking tests for the cross-binutils. + make -k check-gas check-binutils < /dev/null + fi + popd } @@ -881,7 +913,7 @@ install_binutils() local native="$2" local shared="$3" - local local_root=%{buildroot}/usr + local local_root=%{buildroot}/%{_prefix} local local_bindir=$local_root/bin local local_libdir=%{buildroot}%{_libdir} local local_mandir=$local_root/share/man/man1 @@ -1119,25 +1151,31 @@ exit 0 %license COPYING COPYING3 COPYING3.LIB COPYING.LIB %doc README %{_bindir}/[!l]* -%exclude %{_bindir}/gp-* -%exclude %{_bindir}/gprofng # %%verify(symlink) does not work for some reason, so using "owner" instead. %verify(owner) %{_bindir}/ld %{_bindir}/ld.bfd +%if %{with gprofng} +%exclude %{_bindir}/gp-* +%exclude %{_bindir}/gprofng +%endif + %if %{with docs} %{_mandir}/man1/ %exclude %{_mandir}/man1/gp-* %exclude %{_mandir}/man1/gprofng* %{_infodir}/as.info.* %{_infodir}/binutils.info.* -%{_infodir}/gprof.info.* %{_infodir}/ld.info.* %{_infodir}/bfd.info.* %{_infodir}/ctf-spec.info.* +%{_infodir}/gprof.info.* %{_infodir}/sframe-spec.info.* + +%if %{with gprofng} %exclude %{_infodir}/gprofng* %endif +%endif %if %{enable_shared} %{_libdir}/lib*.so @@ -1146,6 +1184,7 @@ exit 0 %exclude %{_libdir}/libopcodes.so %exclude %{_libdir}/libctf.a %exclude %{_libdir}/libctf-nobfd.a + %dir %{_libdir}/bfd-plugins # %%{_libdir}/bfd-plugins/libdep.a %{_libdir}/bfd-plugins/libdep.so @@ -1157,6 +1196,7 @@ exit 0 %{_libdir}/lib*.a %{_libdir}/libbfd.so %{_libdir}/libopcodes.so +%exclude %{_libdir}/lib*.la %if %{with gold} %files gold @@ -1205,8 +1245,16 @@ exit 0 #---------------------------------------------------------------------------- %changelog -* Mon Mar 27 2023 David Abdurachmanov - 2.40-5.rvre0 -- Rebuild for Fedora/RISCV +* Tue May 02 2023 Nick Clifton - 2.40-8 +- GOLD: Stop an abort triggered by running dwp on a file with no dwo links. (#2192226) +- Spec File: Use _prefix. (#2192118) + +* Mon Apr 17 2023 Nick Clifton - 2.40-7 +- Spec File: Fix typo. (#2186396) +- BFD library: Fix illegal memory access when loading corrupt symbol version info. (#2186579) + +* Thu Mar 30 2023 Nick Clifton - 2.40-6 +- Linker: Do not associate allocated reloc sections with the .symtab section. (#2166419) * Wed Mar 08 2023 Nick Clifton - 2.40-5 - Spec file: Rebuild libsframe.a with -fPIC enabled. (#2174841)