system/binutils: patch CVE-2019-14444 (#174)

03714f9c · Max Rees · 26ea0e09 · 03714f9c · 03714f9c
Verified Commit 03714f9c authored 5 years ago by Max Rees
--- a/system/binutils/APKBUILD
+++ b/system/binutils/APKBUILD
 # Maintainer: Adelie Platform Group <adelie-devel@lists.adelielinux.org>
 pkgname=binutils
 pkgver=2.32
-pkgrel=2
+pkgrel=3
 pkgdesc="Tools necessary to build programs"
 url="https://www.gnu.org/software/binutils/"
 depends=""
@@ -30,6 +30,7 @@ source="https://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz
 	CVE-2019-9077.patch
 	CVE-2019-12972.patch
 	CVE-2019-14250.patch
+	CVE-2019-14444.patch
 	BTS-170.patch
 	BTS-196.patch
 	"
@@ -59,6 +60,8 @@ fi
 #     - CVE-2019-9077
 #     - CVE-2019-12972
 #     - CVE-2019-14250
+#   2.32-r3:
+#     - CVE-2019-14444

 build() {
 	local _sysroot=/
@@ -152,5 +155,6 @@ a46b9211608e2f35219b95363a5ba90506742dcb9e4bd4a43915af6c0b3e74bd8339a8318dc2923c
 c0f50f1a843480f29b3895c8814df9801b9f90260edbaff1831aa5738fedd07a9e6b7a79f5b6f9be34df4954dbf02feb5232ebbecc596277fc2fe63673ed347c  CVE-2019-9077.patch
 9109a6ff9c55f310f86a1561fe6b404534928d402672490059bbe358f77c0c2a7f73c8b67f0a4450f00ba1776452858b63fa60cf2ec0744104a6b077e8fa3e42  CVE-2019-12972.patch
 c277202272d9883741c2530a94c6d50d55dd9d0a9efaa43a1f8c9fc7529bd45e635255c0d90035dfc5920d5387010a4259612a4d711260a95d7b3d9fa6500e4f  CVE-2019-14250.patch
+0942cc1a4c5ec03e931c6ebd15c5d60eae6be48cd0a3d9b7f6356f97361226bb6d53dbdcb01b20efcca0ccaf23764730d9bbad2c1bbe2ea6ca320e43b43b311b  CVE-2019-14444.patch
 d4543d2f77808d317d17a5f0eb9af21540ef8543fceaed4e3524213e31e058333321f3ba3b495199e3b57bfd0c4164929cf679369470389e26871b8895cb0110  BTS-170.patch
 9cc17d9fe3fc1351d1f6b4fc1c916254529f3304c95db6f4698b867eeb623210b914dc798fb837eafbad2b287b78b31c4ed5482b3151a2992864da04e1dd5fac  BTS-196.patch"
--- a/system/binutils/CVE-2019-14444.patch
+++ b/system/binutils/CVE-2019-14444.patch
+From e17869db99195849826eaaf5d2d0eb2cfdd7a2a7 Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Mon, 5 Aug 2019 10:40:35 +0100
+Subject: [PATCH] Catch potential integer overflow in readelf when processing
+ corrupt binaries.
+
+	PR 24829
+	* readelf.c (apply_relocations): Catch potential integer overflow
+	whilst checking reloc location against section size.
+---
+ binutils/readelf.c | 2 +-
+
+diff --git a/binutils/readelf.c b/binutils/readelf.c
+index b896ad9..e785fde 100644
+--- a/binutils/readelf.c
+++ b/binutils/readelf.c
+@@ -13366,7 +13366,7 @@ apply_relocations (Filedata *                 filedata,
+ 	    }
+ 
+ 	  rloc = start + rp->r_offset;
+-	  if ((rloc + reloc_size) > end || (rloc < start))
+	  if (rloc >= end || (rloc + reloc_size) > end || (rloc < start))
+ 	    {
+ 	      warn (_("skipping invalid relocation offset 0x%lx in section %s\n"),
+ 		    (unsigned long) rp->r_offset,
+-- 
+2.9.3
+