elfutils: upgrade to 0.163 due to security
... vaguely mentioned by upstream, see e.g. FEDORA-2015-11380. Close #9084.
This commit is contained in:
parent
da76816b0c
commit
aefc8b3ddf
|
@ -1,32 +0,0 @@
|
|||
https://bugzilla.redhat.com/show_bug.cgi?id=1085663
|
||||
|
||||
Reported-by: Florian Weimer <fweimer at redhat.com>
|
||||
Signed-off-by: Mark Wielaard <mjw at redhat.com>
|
||||
---
|
||||
libdw/dwarf_begin_elf.c | 8 +++++++-
|
||||
2 files changed, 12 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/libdw/dwarf_begin_elf.c b/libdw/dwarf_begin_elf.c
|
||||
index 79daeac..34ea373 100644
|
||||
--- a/libdw/dwarf_begin_elf.c
|
||||
+++ b/libdw/dwarf_begin_elf.c
|
||||
@@ -1,5 +1,5 @@
|
||||
/* Create descriptor from ELF descriptor for processing file.
|
||||
- Copyright (C) 2002-2011 Red Hat, Inc.
|
||||
+ Copyright (C) 2002-2011, 2014 Red Hat, Inc.
|
||||
This file is part of elfutils.
|
||||
Written by Ulrich Drepper <drepper at redhat.com>, 2002.
|
||||
|
||||
@@ -282,6 +282,12 @@ check_section (Dwarf *result, GElf_Ehdr *ehdr, Elf_Scn *scn, bool inscngrp)
|
||||
memcpy (&size, data->d_buf + 4, sizeof size);
|
||||
size = be64toh (size);
|
||||
|
||||
+ /* Check for unsigned overflow so malloc always allocated
|
||||
+ enough memory for both the Elf_Data header and the
|
||||
+ uncompressed section data. */
|
||||
+ if (unlikely (sizeof (Elf_Data) + size < size))
|
||||
+ break;
|
||||
+
|
||||
Elf_Data *zdata = malloc (sizeof (Elf_Data) + size);
|
||||
if (unlikely (zdata == NULL))
|
||||
break;
|
|
@ -3,21 +3,20 @@
|
|||
# TODO: Look at the hardcoded paths to kernel, modules etc.
|
||||
stdenv.mkDerivation rec {
|
||||
name = "elfutils-${version}";
|
||||
version = "0.158";
|
||||
version = "0.163";
|
||||
|
||||
src = fetchurl {
|
||||
urls = [
|
||||
"http://fedorahosted.org/releases/e/l/elfutils/${version}/${name}.tar.bz2"
|
||||
"mirror://gentoo/distfiles/${name}.tar.bz2"
|
||||
];
|
||||
sha256 = "0z9rprmizd7rwb3xwfmz5liii7hbiv3g2arl23h56brm45fay9xy";
|
||||
sha256 = "7c774f1eef329309f3b05e730bdac50013155d437518a2ec0e24871d312f2e23";
|
||||
};
|
||||
|
||||
patches = [
|
||||
./CVE-2014-0172.patch
|
||||
(fetchurl {
|
||||
url = "http://fedorahosted.org/releases/e/l/elfutils/${version}/elfutils-portability.patch";
|
||||
sha256 = "0y2fyjis5xrd3g2pcbcm145q2kmh52n5c74w8dwv3hqdp5ky7igd";
|
||||
url = "http://fedorahosted.org/releases/e/l/elfutils/${version}/elfutils-portability-${version}.patch";
|
||||
sha256 = "e4e82315dad2efaa4e4476503e7537e01b7c1b1f98a96de4ca1c7fa85f4f1045";
|
||||
}) ];
|
||||
|
||||
# We need bzip2 in NativeInputs because otherwise we can't unpack the src,
|
||||
|
|
Loading…
Reference in New Issue