Update to 0.159.

Mark Wielaard 2014-05-20 11:46:03 +02:00
parent 561f4c0405
commit d6d5aa0216
8 changed files with 448 additions and 2238 deletions

1
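--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@
 /hello_aarch64.ko.bz2
 /testfile_aarch64_core.bz2
 /elfutils-0.158.tar.bz2
+/elfutils-0.159.tar.bz2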


@ -1,4 +1,4 @@
patches := $(patsubst %,elfutils-%.patch,robustify portability) patches := $(patsubst %,elfutils-%.patch,portability)
.PHONY: patches .PHONY: patches
patches: $(patches) patches: $(patches)


@ -1,28 +0,0 @@
commit 7f1eec317db79627b473c5b149a22a1b20d1f68f
Author: Mark Wielaard <mjw@redhat.com>
Date: Wed Apr 9 11:33:23 2014 +0200
CVE-2014-0172 Check for overflow before calling malloc to uncompress data.
https://bugzilla.redhat.com/show_bug.cgi?id=1085663
Reported-by: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Mark Wielaard <mjw@redhat.com>
diff --git a/libdw/dwarf_begin_elf.c b/libdw/dwarf_begin_elf.c
index 79daeac..34ea373 100644
--- a/libdw/dwarf_begin_elf.c
+++ b/libdw/dwarf_begin_elf.c
@@ -282,6 +282,12 @@ check_section (Dwarf *result, GElf_Ehdr *ehdr, Elf_Scn *scn, bool inscngrp)
memcpy (&size, data->d_buf + 4, sizeof size);
size = be64toh (size);
+ /* Check for unsigned overflow so malloc always allocated
+ enough memory for both the Elf_Data header and the
+ uncompressed section data. */
+ if (unlikely (sizeof (Elf_Data) + size < size))
+ break;
+
Elf_Data *zdata = malloc (sizeof (Elf_Data) + size);
if (unlikely (zdata == NULL))
break;


@ -1,62 +0,0 @@
commit 65cefbd0793c0f9e90a326d7bebf0a47c93294ad
Author: Josh Stone <jistone@redhat.com>
Date: Tue Mar 11 10:19:28 2014 -0700
libdwfl: dwfl_module_getdwarf.c (open_elf) only (re)set mod->e_type once.
As noted in https://sourceware.org/bugzilla/show_bug.cgi?id=16676#c2 for
systemtap, the heuristic used by open_elf to set the kernel Dwfl_Module
type to ET_DYN, even if the underlying ELF file e_type was set to
ET_EXEC, could trigger erroneously for non-kernel/non-main (debug or
aux) files. Make sure we only set the e_type of the module once when
processing the main file (when the phdrs can be trusted).
diff --git a/libdwfl/dwfl_module_getdwarf.c b/libdwfl/dwfl_module_getdwarf.c
index c4bd739..f8de80b 100644
--- a/libdwfl/dwfl_module_getdwarf.c
+++ b/libdwfl/dwfl_module_getdwarf.c
@@ -1,5 +1,5 @@
/* Find debugging and symbol information for a module in libdwfl.
- Copyright (C) 2005-2012 Red Hat, Inc.
+ Copyright (C) 2005-2012, 2014 Red Hat, Inc.
This file is part of elfutils.
This file is free software; you can redistribute it and/or modify
@@ -77,7 +77,7 @@ open_elf (Dwfl_Module *mod, struct dwfl_file *file)
return DWFL_E (LIBELF, elf_errno ());
}
- if (mod->e_type != ET_REL)
+ if (ehdr->e_type != ET_REL)
{
/* In any non-ET_REL file, we compute the "synchronization address".
@@ -131,11 +131,24 @@ open_elf (Dwfl_Module *mod, struct dwfl_file *file)
}
}
- mod->e_type = ehdr->e_type;
+ /* We only want to set the module e_type explictly once, derived from
+ the main ELF file. (It might be changed for the kernel, because
+ that is special - see below.) open_elf is always called first for
+ the main ELF file, because both find_dw and find_symtab call
+ __libdwfl_getelf first to open the main file. So don't let debug
+ or aux files override the module e_type. The kernel heuristic
+ below could otherwise trigger for non-kernel/non-main files, since
+ their phdrs might not match the actual load addresses. */
+ if (file == &mod->main)
+ {
+ mod->e_type = ehdr->e_type;
- /* Relocatable Linux kernels are ET_EXEC but act like ET_DYN. */
- if (mod->e_type == ET_EXEC && file->vaddr != mod->low_addr)
- mod->e_type = ET_DYN;
+ /* Relocatable Linux kernels are ET_EXEC but act like ET_DYN. */
+ if (mod->e_type == ET_EXEC && file->vaddr != mod->low_addr)
+ mod->e_type = ET_DYN;
+ }
+ else
+ assert (mod->main.elf != NULL);
return DWFL_E_NOERROR;
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff


@ -1,7 +1,7 @@
Name: elfutils Name: elfutils
Summary: A collection of utilities and DSOs to handle compiled objects Summary: A collection of utilities and DSOs to handle compiled objects
Version: 0.158 Version: 0.159
%global baserelease 3 %global baserelease 1
URL: https://fedorahosted.org/elfutils/ URL: https://fedorahosted.org/elfutils/
%global source_url http://fedorahosted.org/releases/e/l/elfutils/%{version}/ %global source_url http://fedorahosted.org/releases/e/l/elfutils/%{version}/
License: GPLv3+ and (GPLv2+ or LGPLv3+) License: GPLv3+ and (GPLv2+ or LGPLv3+)
@ -44,11 +44,7 @@ Group: Development/Tools
Source: %{?source_url}%{name}-%{version}.tar.bz2 Source: %{?source_url}%{name}-%{version}.tar.bz2
Patch1: %{?source_url}elfutils-robustify.patch Patch1: %{?source_url}elfutils-portability.patch
Patch2: %{?source_url}elfutils-portability.patch
Patch3: elfutils-0.158-mod-e_type.patch
Patch4: elfutils-0.158-CVE-2014-0172.patch
%if !%{compat} %if !%{compat}
Release: %{baserelease}%{?dist} Release: %{baserelease}%{?dist}
@ -88,11 +84,11 @@ BuildRequires: xz-devel
%global _program_prefix eu- %global _program_prefix eu-
%description %description
Elfutils is a collection of utilities, including ld (a linker), Elfutils is a collection of utilities, including stack (to show
nm (for listing symbols from object files), size (for listing the backtraces), nm (for listing symbols from object files), size
section sizes of an object or archive file), strip (for discarding (for listing the section sizes of an object or archive file),
symbols), readelf (to see the raw ELF file structures), and elflint strip (for discarding symbols), readelf (to see the raw ELF file
(to check for well-formed ELF files). structures), and elflint (to check for well-formed ELF files).
%package libs %package libs
@ -199,10 +195,8 @@ for libelf.
: 'separate_devel_static=%separate_devel_static' : 'separate_devel_static=%separate_devel_static'
: 'scanf_has_m=%scanf_has_m' : 'scanf_has_m=%scanf_has_m'
%patch1 -p1 -b .robustify
%if %{portability} %if %{portability}
%patch2 -p1 -b .portability %patch1 -p1 -b .portability
sleep 1 sleep 1
find . \( -name Makefile.in -o -name aclocal.m4 \) -print | xargs touch find . \( -name Makefile.in -o -name aclocal.m4 \) -print | xargs touch
sleep 1 sleep 1
@ -213,20 +207,18 @@ sed -i.scanf-m -e 's/%m/%a/g' src/addr2line.c tests/line2addr.c
%endif %endif
%endif %endif
%patch3 -p1 -b .e_type
%patch4 -p1 -b .CVE-2014-0172
find . -name \*.sh ! -perm -0100 -print | xargs chmod +x find . -name \*.sh ! -perm -0100 -print | xargs chmod +x
%build %build
# Remove -Wall from default flags. The makefiles enable enough warnings # Remove -Wall from default flags. The makefiles enable enough warnings
# themselves, and they use -Werror. Appending -Wall defeats the cases where # themselves, and they use -Werror. Appending -Wall defeats the cases where
# the makefiles disable some specific warnings for specific code. # the makefiles disable some specific warnings for specific code.
# Also remove -Werror=format-security which doesn't work without # But add -Wformat explicitly for use with -Werror=format-security which
# -Wformat (enabled by -Wall). We enable -Wformat explicitly for some # doesn't work without -Wformat (enabled by -Wall).
# files later. RPM_OPT_FLAGS="${RPM_OPT_FLAGS/-Wall/}"
RPM_OPT_FLAGS=${RPM_OPT_FLAGS/-Wall/} %if !%{compat}
RPM_OPT_FLAGS=${RPM_OPT_FLAGS/-Werror=format-security/} RPM_OPT_FLAGS="${RPM_OPT_FLAGS} -Wformat"
%endif
%if %{compat} %if %{compat}
# Some older glibc headers can run afoul of -Werror all by themselves. # Some older glibc headers can run afoul of -Werror all by themselves.
@ -238,7 +230,7 @@ COMPAT_CONFIG_FLAGS=""
%endif %endif
trap 'cat config.log' EXIT trap 'cat config.log' EXIT
%configure --enable-dwz $COMPAT_CONFIG_FLAGS CFLAGS="$RPM_OPT_FLAGS -fexceptions" %configure $COMPAT_CONFIG_FLAGS CFLAGS="$RPM_OPT_FLAGS -fexceptions"
trap '' EXIT trap '' EXIT
make -s %{?_smp_mflags} make -s %{?_smp_mflags}
@ -308,6 +300,7 @@ rm -rf ${RPM_BUILD_ROOT}
%{_includedir}/elfutils/libebl.h %{_includedir}/elfutils/libebl.h
%{_includedir}/elfutils/libdw.h %{_includedir}/elfutils/libdw.h
%{_includedir}/elfutils/libdwfl.h %{_includedir}/elfutils/libdwfl.h
%{_includedir}/elfutils/libdwelf.h
%{_includedir}/elfutils/version.h %{_includedir}/elfutils/version.h
%{_libdir}/libebl.a %{_libdir}/libebl.a
%{_libdir}/libasm.so %{_libdir}/libasm.so
@ -335,7 +328,14 @@ rm -rf ${RPM_BUILD_ROOT}
%{_libdir}/libelf.a %{_libdir}/libelf.a
%changelog %changelog
* Tue Apr 10 2014 Mark Wielaard <mjw@redhat.com> - 0.158-3 * Mon May 19 2014 Mark Wielaard <mjw@redhat.com> - 0.159-1
- Update to 0.159.
- Remove integrated upstream patches:
robustify.patch, mod-e_type.patch and CVE-2014-0172.patch.
- Remove special handling of now default compile and configure flags:
Don't remove -Werror=format-security, don't configure --enable-dwz.
* Thu Apr 10 2014 Mark Wielaard <mjw@redhat.com> - 0.158-3
- Add elfutils-0.158-CVE-2014-0172.patch (#1085729) - Add elfutils-0.158-CVE-2014-0172.patch (#1085729)
* Tue Mar 11 2014 Mark Wielaard <mjw@redhat.com> - 0.158-2 * Tue Mar 11 2014 Mark Wielaard <mjw@redhat.com> - 0.158-2
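Review bot: In the %build hunk, `-Wformat` is appended only inside `%if !%{compat}`, while the old line that stripped `-Werror=format-security` from RPM_OPT_FLAGS is removed for every build. If a compat target's RPM_OPT_FLAGS carries `-Werror=format-security`, that branch would hit the failure the new comment itself describes, since the option does not work without `-Wformat`. Either append the flag unconditionally by moving `RPM_OPT_FLAGS="${RPM_OPT_FLAGS} -Wformat"` out of the conditional, or extend the comment with the reason compat builds are exempt, e.g. `# compat targets do not pass -Werror=format-security`, if that is in fact the case. The body of the following `%if %{compat}` block lies outside the hunk, so it may already cover this.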


@ -1 +1 @@
050a4909e452d01ab4747fd69d4036e0 elfutils-0.158.tar.bz2 1f45a18231c782ccd0966059e2e42ea9 elfutils-0.159.tar.bz2