rpms
/
elfutils
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add elfutils-0.174-size-rec-ar.patch 

CVE-2018-18520 (#1646478)
This commit is contained in:
Mark Wielaard 2018-11-06 16:46:09 +01:00
parent cdc732d657
commit 33c93c3241
2 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
elfutils-0.174-size-rec-ar.patch Normal file
View File

@ -0,0 +1,31 @@
commit 22d2d082d57a7470fadc0eae67179553f4919209
Author: Mark Wielaard <mark@klomp.org>
Date: Thu Oct 18 23:15:48 2018 +0200
size: Handle recursive ELF ar files.
eu-size didn't handle an ELF ar file that contained an ar file itself
correctly. handle_ar would recursively call itself but close the ELF
file before returning. Only close the ELF file at the top-level.
https://sourceware.org/bugzilla/show_bug.cgi?id=23787
Signed-off-by: Mark Wielaard <mark@klomp.org>
diff --git a/src/size.c b/src/size.c
index 5ff3f2a..f01fd88 100644
--- a/src/size.c
+++ b/src/size.c
@@ -374,8 +374,10 @@ handle_ar (int fd, Elf *elf, const char *prefix, const char *fname)
INTERNAL_ERROR (fname);
}
- if (unlikely (elf_end (elf) != 0))
- INTERNAL_ERROR (fname);
+ /* Only close ELF handle if this was a "top level" ar file. */
+ if (prefix == NULL)
+ if (unlikely (elf_end (elf) != 0))
+ INTERNAL_ERROR (fname);
return result;
}

6
elfutils.spec
View File

@ -23,6 +23,7 @@ Source: %{?source_url}%{name}-%{version}.tar.bz2
Patch1: elfutils-0.173-new-notes-hack.patch
Patch2: elfutils-0.174-strip-unstrip-group.patch
Patch3: elfutils-0.174-libdwfl-sanity-check-core-reads.patch
Patch4: elfutils-0.174-size-rec-ar.patch
Requires: elfutils-libelf%{depsuffix} = %{version}-%{release}
Requires: elfutils-libs%{depsuffix} = %{version}-%{release}
@ -194,6 +195,7 @@ profiling) of processes.
%patch1 -p1 -b .notes_hack
%patch2 -p1 -b .strip_unstrip_group
%patch3 -p1 -b .sanity_check_core_reads
%patch4 -p1 -b .size_rec_ar
# In case the above patches added any new test scripts, make sure they
# are executable.
@ -326,6 +328,10 @@ fi
%endif
%changelog
* Tue Nov 6 2018 Mark Wielaard <mjw@fedoraproject.org>
- Add elfutils-0.174-size-rec-ar.patch
CVE-2018-18520 (#1646478)
* Fri Nov 2 2018 Mark Wielaard <mjw@fedoraproject.org> - 0.174-3
- Add elfutils-0.174-libdwfl-sanity-check-core-reads.patch
CVE-2018-18310 (#1642605)