[binutils/f20] Import patch from mainline to fix seg-fault when reading corrupt srec fields. Resolves: BZ #1156272

[Nicholas Clifton]

commit 9d263c2cc5990f94f31bc37742c050db564d2e21
Author: Nick Clifton <nickc at redhat.com>
Date:   Fri Oct 24 16:19:43 2014 +0100

    Import patch from mainline to fix seg-fault when reading corrupt srec fields.
    Resolves: BZ #1156272

 binutils-2.24-corrupt-srec.patch |   41 ++++++++++++++++++++++++++++++++++++++
 binutils.spec                    |    9 +++++++-
 2 files changed, 49 insertions(+), 1 deletions(-)
---
diff --git a/binutils-2.24-corrupt-srec.patch b/binutils-2.24-corrupt-srec.patch
new file mode 100644
index 0000000..59eafbd
--- /dev/null
+++ b/binutils-2.24-corrupt-srec.patch
@@ -0,0 +1,41 @@
+*** ../binutils-2.24.orig/bfd/srec.c	2014-10-24 15:34:34.156138230 +0100
+--- bfd/srec.c	2014-10-24 15:42:41.462592601 +0100
+*************** srec_scan (bfd *abfd)
+*** 455,461 ****
+  	  {
+  	    file_ptr pos;
+  	    char hdr[3];
+! 	    unsigned int bytes;
+  	    bfd_vma address;
+  	    bfd_byte *data;
+  	    unsigned char check_sum;
+--- 455,461 ----
+  	  {
+  	    file_ptr pos;
+  	    char hdr[3];
+! 	    unsigned int bytes, min_bytes;
+  	    bfd_vma address;
+  	    bfd_byte *data;
+  	    unsigned char check_sum;
+*************** srec_scan (bfd *abfd)
+*** 478,483 ****
+--- 478,496 ----
+  	      }
+  
+  	    check_sum = bytes = HEX (hdr + 1);
++ 	    min_bytes = 3;
++ 	    if (hdr[0] == '2' || hdr[0] == '8')
++ 	      min_bytes = 4;
++ 	    else if (hdr[0] == '3' || hdr[0] == '7')
++ 	      min_bytes = 5;
++ 	    if (bytes < min_bytes)
++ 	      {
++ 		(*_bfd_error_handler) (_("%B:%d: byte count %d too small\n"),
++ 				       abfd, lineno, bytes);
++ 		bfd_set_error (bfd_error_bad_value);
++ 		goto error_return;
++ 	      }
++ 
+  	    if (bytes * 2 > bufsize)
+  	      {
+  		if (buf != NULL)
diff --git a/binutils.spec b/binutils.spec
index 50c5156..3240698 100644
--- a/binutils.spec
+++ b/binutils.spec
@@ -27,7 +27,7 @@ Name: %{?cross}binutils%{?_with_debug:-debug}
 # official binutils release happens (2.24.0) we will be able to restore
 # Version to an honest value and everything will be good again.
 Version: 2.23.88.0.1
-Release: 18%{?dist}
+Release: 19%{?dist}
 License: GPLv3+
 Group: Development/Tools
 URL: http://sources.redhat.com/binutils
@@ -88,6 +88,8 @@ Patch26: binutils-2.23.2-DW_FORM_ref_addr.patch
 Patch27: binutils-2.23.2-fake-zlib-sections.patch
 # Add support for ignoring whitespace in ARM assembler instructions.
 Patch28: binutils-2.23.2-arm-gas-whitespace.patch
+# Fix seg-fault when parsing corrupt srec files.
+Patch29: binutils-2.24-corrupt-srec.patch
 
 Provides: bundled(libiberty)
 
@@ -221,6 +223,7 @@ using libelf instead of BFD.
 %patch26 -p0 -b .ref_addr~ 
 %patch27 -p0 -b .fake-zlib~ 
 %patch28 -p0 -b .arm-whitespace~ 
+%patch29 -p0 -b .srec~
 
 # We cannot run autotools as there is an exact requirement of autoconf-2.59.
 
@@ -526,6 +529,10 @@ exit 0
 %endif # %{isnative}
 
 %changelog
+* Fri Oct 24 2014 Nick Clifton <nickc at redhat.com> - 2.23.88.0.1-19
+- Import patch from mainline to fix seg-fault when reading corrupt srec fields.
+  Resolves: BZ #1156272
+
 * Mon Oct 20 2014 Nick Clifton <nickc at redhat.com> - 2.23.88.0.1-18
 - Ignore extraneous whitespace in ARM assembler.  (#1154176)