[binutils] Import patch from mainline to fix seg-fault when reading corrupt srec fields. Resolves: BZ #1156272
Nicholas Clifton
nickc at fedoraproject.org
Fri Oct 24 14:57:50 UTC 2014
commit 09883f64456f0893f69585b2bab5a89a97aa42ba
Author: Nick Clifton <nickc at redhat.com>
Date: Fri Oct 24 15:57:33 2014 +0100
Import patch from mainline to fix seg-fault when reading corrupt srec fields.
Resolves: BZ #1156272
binutils-2.24-corrupt-srec.patch | 41 ++++++++++++++++++++++++++++++++++++++
binutils.spec | 8 ++++++-
2 files changed, 48 insertions(+), 1 deletions(-)
---
diff --git a/binutils-2.24-corrupt-srec.patch b/binutils-2.24-corrupt-srec.patch
new file mode 100644
index 0000000..59eafbd
--- /dev/null
+++ b/binutils-2.24-corrupt-srec.patch
@@ -0,0 +1,41 @@
+*** ../binutils-2.24.orig/bfd/srec.c 2014-10-24 15:34:34.156138230 +0100
+--- bfd/srec.c 2014-10-24 15:42:41.462592601 +0100
+*************** srec_scan (bfd *abfd)
+*** 455,461 ****
+ {
+ file_ptr pos;
+ char hdr[3];
+! unsigned int bytes;
+ bfd_vma address;
+ bfd_byte *data;
+ unsigned char check_sum;
+--- 455,461 ----
+ {
+ file_ptr pos;
+ char hdr[3];
+! unsigned int bytes, min_bytes;
+ bfd_vma address;
+ bfd_byte *data;
+ unsigned char check_sum;
+*************** srec_scan (bfd *abfd)
+*** 478,483 ****
+--- 478,496 ----
+ }
+
+ check_sum = bytes = HEX (hdr + 1);
++ min_bytes = 3;
++ if (hdr[0] == '2' || hdr[0] == '8')
++ min_bytes = 4;
++ else if (hdr[0] == '3' || hdr[0] == '7')
++ min_bytes = 5;
++ if (bytes < min_bytes)
++ {
++ (*_bfd_error_handler) (_("%B:%d: byte count %d too small\n"),
++ abfd, lineno, bytes);
++ bfd_set_error (bfd_error_bad_value);
++ goto error_return;
++ }
++
+ if (bytes * 2 > bufsize)
+ {
+ if (buf != NULL)
diff --git a/binutils.spec b/binutils.spec
index 571adf4..d8f7093 100644
--- a/binutils.spec
+++ b/binutils.spec
@@ -19,7 +19,7 @@
Summary: A GNU collection of binary utilities
Name: %{?cross}binutils%{?_with_debug:-debug}
Version: 2.24
-Release: 23%{?dist}
+Release: 24%{?dist}
License: GPLv3+
Group: Development/Tools
URL: http://sources.redhat.com/binutils
@@ -72,6 +72,7 @@ Patch27: binutils-2.24-aarch64-fix-gotplt-offset-ifunc.patch
Patch28: binutils-2.24-aarch64-fix-static-ifunc.patch
Patch29: binutils-2.24-aarch64-fix-ie-relax.patch
Patch30: binutils-HEAD-change-ld-notice-interface.patch
+Patch31: binutils-2.24-corrupt-srec.patch
Provides: bundled(libiberty)
@@ -206,6 +207,7 @@ using libelf instead of BFD.
%patch28 -p1 -b .aa64-2~
%patch29 -p1 -b .aa64-3~
%patch30 -p1 -b .ldplugin~
+%patch31 -p0 -b .srec~
# We cannot run autotools as there is an exact requirement of autoconf-2.59.
@@ -520,6 +522,10 @@ exit 0
%endif # %{isnative}
%changelog
+* Fri Oct 24 2014 Nick Clifton <nickc at redhat.com> - 2.24-24
+- Import patch from mainline to fix seg-fault when reading corrupt srec fields.
+ Resolves: BZ #1156272
+
* Mon Aug 25 2014 Kyle McMartin <kmcmarti at redhat.com> - 2.24-23
- aarch64: increase common page size to 64KB
- binutils-HEAD-change-ld-notice-interface.patch: backport fix from HEAD
More information about the scm-commits
mailing list