Stop a potential infinite loop in the binutils DWARF parser.

Resolves: #2122675
This commit is contained in:
Nick Clifton 2022-08-31 15:50:50 +01:00
parent 92265683bf
commit dd133b6b81
2 changed files with 23 additions and 1 deletions

View File

@ -0,0 +1,15 @@
--- binutils.orig/binutils/dwarf.c 2022-08-31 11:58:08.918685348 +0100
+++ binutils-2.39/binutils/dwarf.c 2022-08-31 15:24:13.881865797 +0100
@@ -6365,7 +6365,11 @@ display_debug_abbrev (struct dwarf_secti
list->start_of_next_abbrevs = start;
}
else
- start = list->start_of_next_abbrevs;
+ {
+ if (start == list->start_of_next_abbrevs)
+ break;
+ start = list->start_of_next_abbrevs;
+ }
if (list->first_abbrev == NULL)
continue;

View File

@ -39,7 +39,7 @@
Summary: A GNU collection of binary utilities
Name: binutils%{?name_cross}%{?_with_debug:-debug}
Version: 2.39
Release: 2%{?dist}
Release: 3%{?dist}
License: GPLv3+
URL: https://sourceware.org/binutils
@ -299,6 +299,10 @@ Patch19: binutils-package-metadata.patch
# Lifetime: Fixed in 2.40
Patch20: binutils-gas-dwarf-skip-empty-functions.patch
# Purpose: Stop an infinite loop in the binutils DWARF decoder. (CVE 2022-38128)
# Lifetime: Fixed in 2.40
Patch21: binutils-CVE-38128-dwarf-abbrev-parsing.patch
#----------------------------------------------------------------------------
Provides: bundled(libiberty)
@ -955,6 +959,9 @@ exit 0
#----------------------------------------------------------------------------
%changelog
* Wed Aug 31 2022 Nick Clifton <nickc@redhat.com> - 2.39-3
- Stop a potential infinite loop in the binutils DWARF parser. (#2122675)
* Tue Aug 16 2022 Nick Clifton <nickc@redhat.com> - 2.39-2
- Move gprofng related files into the gprofng sub-package.