new file mode 100644

@@ -0,0 +1,53 @@

+From 56b18521fb8d46d40fc090c0de9d11a08bc982fa Mon Sep 17 00:00:00 2001

+From: Mark Wielaard <mark@klomp.org>

+Date: Sat, 18 Aug 2018 12:42:16 +0200

+Subject: [PATCH] libelf: Return error if elf_compress_gnu is used on

+ SHF_COMPRESSED section.

+

+Compressing a section that is already compressed is fine, but useless.

+But it isn't possible to gnu compress (or decompress) a SHF_COMPRESSED

+section since there is no state kept that would tell if the section was

+first GNU compressed or first gabi compressed. Calling elf_compress_gnu

+on a section and then calling elf_compress on it to decompress it twice

+could cause a crash (the other way around is fine). Just disallow it.

+

+https://sourceware.org/bugzilla/show_bug.cgi?id=23528

+

+Signed-off-by: Mark Wielaard <mark@klomp.org>

+---

+

+diff --git a/libelf/elf_compress_gnu.c b/libelf/elf_compress_gnu.c

+index c35dc39..dfa7c57 100644

+--- a/libelf/elf_compress_gnu.c

+@@ -80,7 +80,9 @@ elf_compress_gnu (Elf_Scn *scn, int inflate, unsigned int flags)

+       sh_addralign = shdr->sh_addralign;

+     }

+ 

+-  if ((sh_flags & SHF_ALLOC) != 0)

++  /* Allocated sections, or sections that are already are compressed

++     cannot (also) be GNU compressed.  */

++  if ((sh_flags & SHF_ALLOC) != 0 || (sh_flags & SHF_COMPRESSED))

+     {

+       __libelf_seterrno (ELF_E_INVALID_SECTION_FLAGS);

+       return -1;

+diff --git a/libelf/libelf.h b/libelf/libelf.h

+index 61f1923..d11358c 100644

+--- a/libelf/libelf.h

+@@ -366,6 +366,11 @@ extern Elf64_Chdr *elf64_getchdr (Elf_Scn *__scn);

+    It is an error to request compression for a section that already

+    has SHF_COMPRESSED set, or (for elf_compress) to request

+    decompression for an section that doesn't have SHF_COMPRESSED set.

++   If a section has SHF_COMPRESSED set then calling elf_compress_gnu

++   will result in an error.  The section has to be decompressed first

++   using elf_compress.  Calling elf_compress on a section compressed

++   with elf_compress_gnu is fine, but probably useless.

++

+    It is always an error to call these functions on SHT_NOBITS

+    sections or if the section has the SHF_ALLOC flag set.

+    elf_compress_gnu will not check whether the section name starts

+-- 

+2.9.3

+

+

@@ -2,12 +2,13 @@

 Summary:	A collection of utilities and DSOs to handle compiled objects

 Name:		elfutils

 Version:	0.169

-Release:	2%{?dist}

+Release:	3%{?dist}

 License:	GPLv3+ and (GPLv2+ or LGPLv3+)

 Group:		Development/Tools

 URL:    	https://sourceware.org/elfutils

 Source0:	https://sourceware.org/elfutils/ftp/%{version}/%{name}-%{version}.tar.bz2

 %define sha1 elfutils=4977019aece471362dbdd28a27ef1030471dff84

+Patch0:		cve-2018-16402.patch

 Vendor:		VMware, Inc.

 Distribution:	Photon

@@ -105,6 +106,8 @@ These are the additional language files of elfutils.

 %prep

 %setup -q

+%patch0 -p1

+

 %build

 %configure --program-prefix=%{_programprefix}

 make %{?_smp_mflags}

@@ -195,6 +198,8 @@ rm -rf ${RPM_BUILD_ROOT}

 %defattr(-,root,root)

 %changelog

+* Tue Nov 6 2018 Sujay G <gsujay@vmware.com> 0.169-3

+- Added patch for CVE-2018-16402 Vulnerability

 * Mon Sep 18 2017 Alexey Makhalov <amakhalov@vmware.com> 0.169-2

 - Requires bzip2-libs

 * Tue Jul 11 2017 Divya Thaluru <dthaluru@vmware.com> 0.169-1