Add a NULL check for table pointer before attempting to
compute a DWARF filename.
Change-Id: I3229c8aa90fd9c74fc16d3865894603260377def
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5273
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Alexey Makhalov <amakhalov@vmware.com>
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,15 @@ |
0 |
+diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c |
|
1 |
+index ca22db7..0f8257f 100644 |
|
2 |
+--- a/bfd/dwarf2.c |
|
3 |
+@@ -1566,7 +1566,7 @@ concat_filename (struct line_info_table *table, unsigned int file) |
|
4 |
+ { |
|
5 |
+ char *filename; |
|
6 |
+ |
|
7 |
+- if (file - 1 >= table->num_files) |
|
8 |
++ if (table == NULL || file - 1 >= table->num_files) |
|
9 |
+ { |
|
10 |
+ /* FILE == 0 means unknown. */ |
|
11 |
+ if (file) |
|
12 |
+-- |
|
13 |
+2.9.3 |
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
Summary: Contains a linker, an assembler, and other tools |
2 | 2 |
Name: binutils |
3 | 3 |
Version: 2.30 |
4 |
-Release: 3%{?dist} |
|
4 |
+Release: 4%{?dist} |
|
5 | 5 |
License: GPLv2+ |
6 | 6 |
URL: http://www.gnu.org/software/binutils |
7 | 7 |
Group: System Environment/Base |
... | ... |
@@ -10,6 +10,7 @@ Distribution: Photon |
10 | 10 |
Source0: http://ftp.gnu.org/gnu/binutils/%{name}-%{version}.tar.xz |
11 | 11 |
%define sha1 binutils=574d3b5650413d6ee65195a4f5ecbddc3a38f718 |
12 | 12 |
Patch0: binutils-2.30-CVE-2018-6543.patch |
13 |
+Patch1: binutils-2.30-CVE-2018-10373.patch |
|
13 | 14 |
%description |
14 | 15 |
The Binutils package contains a linker, an assembler, |
15 | 16 |
and other tools for handling object files. |
... | ... |
@@ -22,6 +23,7 @@ for handling compiled objects. |
22 | 22 |
%prep |
23 | 23 |
%setup -q |
24 | 24 |
%patch0 -p1 |
25 |
+%patch1 -p1 |
|
25 | 26 |
%build |
26 | 27 |
install -vdm 755 ../binutils-build |
27 | 28 |
cd ../binutils-build |
... | ... |
@@ -111,6 +113,8 @@ make %{?_smp_mflags} check |
111 | 111 |
%{_lib64dir}/libiberty.a |
112 | 112 |
|
113 | 113 |
%changelog |
114 |
+* Thu Jun 7 2018 Keerthana K <keerthanak@vmware.com> 2.30-4 |
|
115 |
+- Fix CVE-2018-10373 |
|
114 | 116 |
* Mon Mar 19 2018 Alexey Makhalov <amakhalov@vmware.com> 2.30-3 |
115 | 117 |
- Add libiberty to the -devel package |
116 | 118 |
* Wed Feb 28 2018 Xiaolin Li <xiaolinl@vmware.com> 2.30-2 |