Change-Id: I798da63e2876b6c7776e3c3e06a6f057e0be953a
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/6114
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,53 @@ |
0 |
+From 56b18521fb8d46d40fc090c0de9d11a08bc982fa Mon Sep 17 00:00:00 2001 |
|
1 |
+From: Mark Wielaard <mark@klomp.org> |
|
2 |
+Date: Sat, 18 Aug 2018 12:42:16 +0200 |
|
3 |
+Subject: [PATCH] libelf: Return error if elf_compress_gnu is used on |
|
4 |
+ SHF_COMPRESSED section. |
|
5 |
+ |
|
6 |
+Compressing a section that is already compressed is fine, but useless. |
|
7 |
+But it isn't possible to gnu compress (or decompress) a SHF_COMPRESSED |
|
8 |
+section since there is no state kept that would tell if the section was |
|
9 |
+first GNU compressed or first gabi compressed. Calling elf_compress_gnu |
|
10 |
+on a section and then calling elf_compress on it to decompress it twice |
|
11 |
+could cause a crash (the other way around is fine). Just disallow it. |
|
12 |
+ |
|
13 |
+https://sourceware.org/bugzilla/show_bug.cgi?id=23528 |
|
14 |
+ |
|
15 |
+Signed-off-by: Mark Wielaard <mark@klomp.org> |
|
16 |
+--- |
|
17 |
+ |
|
18 |
+diff --git a/libelf/elf_compress_gnu.c b/libelf/elf_compress_gnu.c |
|
19 |
+index c35dc39..dfa7c57 100644 |
|
20 |
+--- a/libelf/elf_compress_gnu.c |
|
21 |
+@@ -80,7 +80,9 @@ elf_compress_gnu (Elf_Scn *scn, int inflate, unsigned int flags) |
|
22 |
+ sh_addralign = shdr->sh_addralign; |
|
23 |
+ } |
|
24 |
+ |
|
25 |
+- if ((sh_flags & SHF_ALLOC) != 0) |
|
26 |
++ /* Allocated sections, or sections that are already are compressed |
|
27 |
++ cannot (also) be GNU compressed. */ |
|
28 |
++ if ((sh_flags & SHF_ALLOC) != 0 || (sh_flags & SHF_COMPRESSED)) |
|
29 |
+ { |
|
30 |
+ __libelf_seterrno (ELF_E_INVALID_SECTION_FLAGS); |
|
31 |
+ return -1; |
|
32 |
+diff --git a/libelf/libelf.h b/libelf/libelf.h |
|
33 |
+index 61f1923..d11358c 100644 |
|
34 |
+--- a/libelf/libelf.h |
|
35 |
+@@ -366,6 +366,11 @@ extern Elf64_Chdr *elf64_getchdr (Elf_Scn *__scn); |
|
36 |
+ It is an error to request compression for a section that already |
|
37 |
+ has SHF_COMPRESSED set, or (for elf_compress) to request |
|
38 |
+ decompression for an section that doesn't have SHF_COMPRESSED set. |
|
39 |
++ If a section has SHF_COMPRESSED set then calling elf_compress_gnu |
|
40 |
++ will result in an error. The section has to be decompressed first |
|
41 |
++ using elf_compress. Calling elf_compress on a section compressed |
|
42 |
++ with elf_compress_gnu is fine, but probably useless. |
|
43 |
++ |
|
44 |
+ It is always an error to call these functions on SHT_NOBITS |
|
45 |
+ sections or if the section has the SHF_ALLOC flag set. |
|
46 |
+ elf_compress_gnu will not check whether the section name starts |
|
47 |
+-- |
|
48 |
+2.9.3 |
|
49 |
+ |
|
50 |
+ |
... | ... |
@@ -2,12 +2,13 @@ |
2 | 2 |
Summary: A collection of utilities and DSOs to handle compiled objects |
3 | 3 |
Name: elfutils |
4 | 4 |
Version: 0.169 |
5 |
-Release: 2%{?dist} |
|
5 |
+Release: 3%{?dist} |
|
6 | 6 |
License: GPLv3+ and (GPLv2+ or LGPLv3+) |
7 | 7 |
Group: Development/Tools |
8 | 8 |
URL: https://sourceware.org/elfutils |
9 | 9 |
Source0: https://sourceware.org/elfutils/ftp/%{version}/%{name}-%{version}.tar.bz2 |
10 | 10 |
%define sha1 elfutils=4977019aece471362dbdd28a27ef1030471dff84 |
11 |
+Patch0: cve-2018-16402.patch |
|
11 | 12 |
Vendor: VMware, Inc. |
12 | 13 |
Distribution: Photon |
13 | 14 |
|
... | ... |
@@ -105,6 +106,8 @@ These are the additional language files of elfutils. |
105 | 105 |
|
106 | 106 |
%prep |
107 | 107 |
%setup -q |
108 |
+%patch0 -p1 |
|
109 |
+ |
|
108 | 110 |
%build |
109 | 111 |
%configure --program-prefix=%{_programprefix} |
110 | 112 |
make %{?_smp_mflags} |
... | ... |
@@ -195,6 +198,8 @@ rm -rf ${RPM_BUILD_ROOT} |
195 | 195 |
%defattr(-,root,root) |
196 | 196 |
|
197 | 197 |
%changelog |
198 |
+* Tue Nov 6 2018 Sujay G <gsujay@vmware.com> 0.169-3 |
|
199 |
+- Added patch for CVE-2018-16402 Vulnerability |
|
198 | 200 |
* Mon Sep 18 2017 Alexey Makhalov <amakhalov@vmware.com> 0.169-2 |
199 | 201 |
- Requires bzip2-libs |
200 | 202 |
* Tue Jul 11 2017 Divya Thaluru <dthaluru@vmware.com> 0.169-1 |