diff options
| author | Vladimír Čunát <vcunat@gmail.com> | 2014-04-20 18:17:31 +0200 |
|---|---|---|
| committer | Vladimír Čunát <vcunat@gmail.com> | 2014-04-20 18:24:11 +0200 |
| commit | b4df087f1461e7a3671d971396c0ad1adeda75c9 (patch) | |
| tree | 0c759b12c0b6c054936bc8837259198b956e089e /pkgs/development/tools | |
| parent | adc65e998d9c8eb3eaca8020fc553bd3d329eef0 (diff) | |
| download | nixpkgs-b4df087f1461e7a3671d971396c0ad1adeda75c9.tar nixpkgs-b4df087f1461e7a3671d971396c0ad1adeda75c9.tar.gz nixpkgs-b4df087f1461e7a3671d971396c0ad1adeda75c9.tar.bz2 nixpkgs-b4df087f1461e7a3671d971396c0ad1adeda75c9.tar.lz nixpkgs-b4df087f1461e7a3671d971396c0ad1adeda75c9.tar.xz nixpkgs-b4df087f1461e7a3671d971396c0ad1adeda75c9.tar.zst nixpkgs-b4df087f1461e7a3671d971396c0ad1adeda75c9.zip | |
elfutils: fix CVE-2014-0172
Patch taken from upstream mailing-list.
Diffstat (limited to 'pkgs/development/tools')
| -rw-r--r-- | pkgs/development/tools/misc/elfutils/CVE-2014-0172.patch | 32 | ||||
| -rw-r--r-- | pkgs/development/tools/misc/elfutils/default.nix | 1 |
2 files changed, 33 insertions, 0 deletions
diff --git a/pkgs/development/tools/misc/elfutils/CVE-2014-0172.patch b/pkgs/development/tools/misc/elfutils/CVE-2014-0172.patch new file mode 100644 index 00000000000..6553dea7b4c --- /dev/null +++ b/pkgs/development/tools/misc/elfutils/CVE-2014-0172.patch @@ -0,0 +1,32 @@ +https://bugzilla.redhat.com/show_bug.cgi?id=1085663 + +Reported-by: Florian Weimer <fweimer at redhat.com> +Signed-off-by: Mark Wielaard <mjw at redhat.com> +--- + libdw/dwarf_begin_elf.c | 8 +++++++- + 2 files changed, 12 insertions(+), 1 deletions(-) + +diff --git a/libdw/dwarf_begin_elf.c b/libdw/dwarf_begin_elf.c +index 79daeac..34ea373 100644 +--- a/libdw/dwarf_begin_elf.c ++++ b/libdw/dwarf_begin_elf.c +@@ -1,5 +1,5 @@ + /* Create descriptor from ELF descriptor for processing file. +- Copyright (C) 2002-2011 Red Hat, Inc. ++ Copyright (C) 2002-2011, 2014 Red Hat, Inc. + This file is part of elfutils. + Written by Ulrich Drepper <drepper at redhat.com>, 2002. + +@@ -282,6 +282,12 @@ check_section (Dwarf *result, GElf_Ehdr *ehdr, Elf_Scn *scn, bool inscngrp) + memcpy (&size, data->d_buf + 4, sizeof size); + size = be64toh (size); + ++ /* Check for unsigned overflow so malloc always allocated ++ enough memory for both the Elf_Data header and the ++ uncompressed section data. */ ++ if (unlikely (sizeof (Elf_Data) + size < size)) ++ break; ++ + Elf_Data *zdata = malloc (sizeof (Elf_Data) + size); + if (unlikely (zdata == NULL)) + break; diff --git a/pkgs/development/tools/misc/elfutils/default.nix b/pkgs/development/tools/misc/elfutils/default.nix index e2f6c693298..5ada382795c 100644 --- a/pkgs/development/tools/misc/elfutils/default.nix +++ b/pkgs/development/tools/misc/elfutils/default.nix @@ -14,6 +14,7 @@ stdenv.mkDerivation rec { }; patches = [ + ./CVE-2014-0172.patch (fetchurl { url = "http://fedorahosted.org/releases/e/l/elfutils/${version}/elfutils-portability.patch"; sha256 = "0w8i94x9hqirgs2lwcd1g36s77r5svh4j1fgcrd6lx5w18vch0di"; |