author | 2005-05-17 17:36:48 +0000 | |
---|---|---|
committer | 2005-05-17 17:36:48 +0000 | |
commit | e4b2e72820d3f16f46abcf65aa007c6a7a2f6a08 (patch) | |
tree | 9a05826f5bb2c4afa07949a37412a6a905067748 /dev-libs/elfutils | |
parent | Cleanup for bug #92745. (diff) | |
- add additional incremental from Jakub which solves remaining regression failure with elfutils that we found. This version or a 0.109 is what arches will want to mark stable in general
Diffstat (limited to 'dev-libs/elfutils')
-rw-r--r-- | dev-libs/elfutils/ChangeLog | 8 | ||||
-rw-r--r-- | dev-libs/elfutils/Manifest | 15 | ||||
-rw-r--r-- | dev-libs/elfutils/elfutils-0.108.ebuild | 6 | ||||
-rw-r--r-- | dev-libs/elfutils/files/elfutils-0.108-robustify2.patch | 327 |
4 files changed, 346 insertions, 10 deletions
diff --git a/dev-libs/elfutils/ChangeLog b/dev-libs/elfutils/ChangeLog
index dff878008762..e3de30e09ecd 100644
--- a/dev-libs/elfutils/ChangeLog
+++ b/dev-libs/elfutils/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for dev-libs/elfutils
 # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/elfutils/ChangeLog,v 1.54 2005/05/17 15:05:59 solar Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/elfutils/ChangeLog,v 1.55 2005/05/17 17:36:48 solar Exp $
+
+ 17 May 2005; <solar@gentoo.org> +files/elfutils-0.108-robustify2.patch,
+ elfutils-0.108.ebuild:
+ - add additional incremental from Jakub which solves remaining regression
+ failure with elfutils that we found. This version or a 0.109 is what arches
+ will want to mark stable in general
 *elfutils-0.108 (17 May 2005)
diff --git a/dev-libs/elfutils/Manifest b/dev-libs/elfutils/Manifest
index e52e818270da..3fccb730c211 100644
--- a/dev-libs/elfutils/Manifest
+++ b/dev-libs/elfutils/Manifest
@@ -6,9 +6,9 @@ MD5 7b94d8a842a02bed78d77c0315f95068 elfutils-0.101-r1.ebuild 1588
 MD5 8556ce83ed38bc6be54b78d52a13b49b elfutils-0.97-r1.ebuild 1477
 MD5 1c5255251ca86c894b299c606c3bad3c elfutils-0.101.ebuild 1531
 MD5 822a1e6582def7c62c7ae773ca491143 elfutils-0.97.ebuild 1420
-MD5 e1c8c5e2412dfc891aa5cb13d87c7f96 elfutils-0.108.ebuild 1686
+MD5 da37836e53fe2bec837fa99707de7037 elfutils-0.108.ebuild 1754
 MD5 79ca1a79ab3d97d51267f2b9e579c99d elfutils-0.94-r2.ebuild 1906
-MD5 bb41caaa282e60b4872835e9753965eb ChangeLog 6729
+MD5 814de1b1313fdbb25fef6e733949cf67 ChangeLog 7021
 MD5 25da57fec6a38ed0c69ec6682b595398 files/elfutils-0.94-alpha-mips-atime.diff 699
 MD5 1e6460efdb609828aa57b5874813972a files/elfutils-0.101-bswap.patch 849
 MD5 40321e776b95020f2e51e5f481b3486e files/elfutils-0.101-portability.patch 6052
@@ -16,6 +16,7 @@ MD5 98e005817217428fef7c200faec78382 files/digest-elfutils-0.94-r1 65
 MD5 98e005817217428fef7c200faec78382 files/digest-elfutils-0.94-r2 65
 MD5 696196044decee0b8d782d08b3e907aa files/digest-elfutils-0.97-r1 65
 MD5 696196044decee0b8d782d08b3e907aa files/digest-elfutils-0.97 65
+MD5 a5bda0a1599fd2232fb0d2cf5f3269a7 files/elfutils-0.108-robustify2.patch 12832
 MD5 41c5834ecf3d28e43b7fbe3b927e582a files/elfutils-0.108-portability.patch 18453
 MD5 68f794575cd890d5131853a4ca7ee9f3 files/digest-elfutils-0.101-r1 66
 MD5 68f794575cd890d5131853a4ca7ee9f3 files/digest-elfutils-0.101 66
@@ -24,9 +25,9 @@ MD5 51c01230a938c5b39a545e0611170b0f files/elfutils-sections-heap-overflow.diff
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.0 (GNU/Linux)
-iQCVAwUBQooH5Z4WFLgrx1GWAQIQMQQAtce4l9Zf/IoL5LFKOoooO4nmHMTfX0/6
-ajwLK1SOr808+vmrfjyg32OC/Pjo3KcMBnQRwGPa6U8LisXROo2IvaQEKDLEJDrA
-Vf9Xntu9fGgx/clr4qJ5siFZxz0RCd0Bae5r6+odF50rEpSfAMesKJkKQuAZYFi2
-gHTjyUKYAYE=
-=mqTn
+iQCVAwUBQoorPp4WFLgrx1GWAQJ7egQAyDOOevNQF20gjVMT7uz4QLq0950YQk+K
+l1e+ghVJ6w4ZRzaonXs8+MetvdZk39hU/PMCzwdilYmS8LWdJqh5hD4gzQZhEq9A
+n9pMI/JoUFh2DExH5OzCIfuOK0TCcaW1lpcI6gaJH78mp7vVUKhGakGdRRWbCK00
+kUfI7d6MiUQ=
+=m2Gv
 -----END PGP SIGNATURE-----
diff --git a/dev-libs/elfutils/elfutils-0.108.ebuild b/dev-libs/elfutils/elfutils-0.108.ebuild
index fcdc67e7df06..44fe1395c849 100644
--- a/dev-libs/elfutils/elfutils-0.108.ebuild
+++ b/dev-libs/elfutils/elfutils-0.108.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2005 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/elfutils/elfutils-0.108.ebuild,v 1.1 2005/05/17 15:05:59 solar Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/elfutils/elfutils-0.108.ebuild,v 1.2 2005/05/17 17:36:48 solar Exp $
 inherit eutils
@@ -28,8 +28,10 @@ src_unpack() {
 epatch "${FILESDIR}"/${PN}-0.101-bswap.patch
 epatch "${FILESDIR}"/${P}-portability.patch
- #the next secyurity patch should not be needed in 0.109
+ #the next 2 patches should not be needed in 0.109
 epatch ${WORKDIR}/elfutils-0.108.robustify.patch
+ # incremental patch.
+ epatch ${FILESDIR}/elfutils-0.108-robustify2.patch
 # Needed by ${P}-portability.patch
 autoreconf || die
diff --git a/dev-libs/elfutils/files/elfutils-0.108-robustify2.patch b/dev-libs/elfutils/files/elfutils-0.108-robustify2.patch
new file mode 100644
index 000000000000..609b9a42250e
--- /dev/null
+++ b/dev-libs/elfutils/files/elfutils-0.108-robustify2.patch
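Review bot: The added `epatch ${FILESDIR}/elfutils-0.108-robustify2.patch` in src_unpack() of elfutils-0.108.ebuild leaves `${FILESDIR}` unquoted, unlike the two `epatch "${FILESDIR}"/...` calls at the top of the hunk, so a tree path containing whitespace would be word-split; write it as `epatch "${FILESDIR}"/${P}-robustify2.patch`. The reworded comment also drops the only hint that these two patches are security hardening, which matters when someone later decides whether they can be removed; something like `# the next 2 security (robustify) patches should not be needed in 0.109` keeps that. src_unpack() begins and ends outside the hunk.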
@@ -0,0 +1,327 @@ +2005-05-17 Jakub Jelinek <jakub@redhat.com> + + * elf32_getphdr.c (elfw2(LIBELFBITS,getphdr)): Check if program header + table fits into object's bounds. + * elf_getshstrndx.c (elf_getshstrndx): Add elf->start_offset to + elf->map_address. Check if first section header fits into object's + bounds. + * elf32_getshdr.c (elfw2(LIBELFBITS,getshdr)): Fix comment pasto. + Check if section header table fits into object's bounds. + * elf_begin.c (get_shnum): Fail if maxsize is smaller than ELF headers. + Ensure first section header fits into object's bounds. + (file_read_elf): Make sure scncnt is small enough to allocate both + ElfXX_Shdr and Elf_Scn array. Make sure section and program header + tables fit into object's bounds. Avoid memory leak on failure. + + * elflint.c (check_hash): Don't check entries beyond end of section. + (check_note): Don't crash if gelf_rawchunk fails. + (section_name): Return <invalid> if gelf_getshdr returns NULL. + +--- elfutils-0.108/libelf/elf32_getphdr.c.jj 2005-02-06 10:14:52.000000000 +0100 ++++ elfutils-0.108/libelf/elf32_getphdr.c 2005-05-17 16:53:41.000000000 +0200 +@@ -80,6 +80,16 @@ elfw2(LIBELFBITS,getphdr) (elf) + + if (elf->map_address != NULL) + { ++ /* First see whether the information in the ELF header is ++ valid and it does not ask for too much. */ ++ if (unlikely (ehdr->e_phoff >= elf->maximum_size) ++ || unlikely (ehdr->e_phoff + size > elf->maximum_size)) ++ { ++ /* Something is wrong. */ ++ __libelf_seterrno (ELF_E_INVALID_PHDR); ++ goto out; ++ } ++ + /* All the data is already mapped. Use it. */ + if (ehdr->e_ident[EI_DATA] == MY_ELFDATA + && (ALLOW_UNALIGNED +--- elfutils-0.108/libelf/elf_getshstrndx.c.jj 2004-01-05 21:45:05.000000000 +0100 ++++ elfutils-0.108/libelf/elf_getshstrndx.c 2005-05-17 15:42:32.000000000 +0200 +@@ -1,5 +1,5 @@ + /* Return section index of section header string table. +- Copyright (C) 2002 Red Hat, Inc. ++ Copyright (C) 2002, 2005 Red Hat, Inc. 
+ Written by Ulrich Drepper <drepper@redhat.com>, 2002. + + This program is free software; you can redistribute it and/or modify +@@ -90,10 +90,25 @@ elf_getshstrndx (elf, dst) + if (elf->map_address != NULL + && elf->state.elf32.ehdr->e_ident[EI_DATA] == MY_ELFDATA + && (ALLOW_UNALIGNED +- || (((size_t) ((char *) elf->map_address + offset)) ++ || (((size_t) ((char *) elf->map_address ++ + elf->start_offset + offset)) + & (__alignof__ (Elf32_Shdr) - 1)) == 0)) +- /* We can directly access the memory. */ +- num = ((Elf32_Shdr *) (elf->map_address + offset))->sh_link; ++ { ++ /* First see whether the information in the ELF header is ++ valid and it does not ask for too much. */ ++ if (unlikely (offset + sizeof (Elf32_Shdr) ++ > elf->maximum_size)) ++ { ++ /* Something is wrong. */ ++ __libelf_seterrno (ELF_E_INVALID_SECTION_HEADER); ++ result = -1; ++ goto out; ++ } ++ ++ /* We can directly access the memory. */ ++ num = ((Elf32_Shdr *) (elf->map_address + elf->start_offset ++ + offset))->sh_link; ++ } + else + { + /* We avoid reading in all the section headers. Just read +@@ -129,10 +144,25 @@ elf_getshstrndx (elf, dst) + if (elf->map_address != NULL + && elf->state.elf64.ehdr->e_ident[EI_DATA] == MY_ELFDATA + && (ALLOW_UNALIGNED +- || (((size_t) ((char *) elf->map_address + offset)) ++ || (((size_t) ((char *) elf->map_address ++ + elf->start_offset + offset)) + & (__alignof__ (Elf64_Shdr) - 1)) == 0)) +- /* We can directly access the memory. */ +- num = ((Elf64_Shdr *) (elf->map_address + offset))->sh_link; ++ { ++ /* First see whether the information in the ELF header is ++ valid and it does not ask for too much. */ ++ if (unlikely (offset + sizeof (Elf64_Shdr) ++ > elf->maximum_size)) ++ { ++ /* Something is wrong. */ ++ __libelf_seterrno (ELF_E_INVALID_SECTION_HEADER); ++ result = -1; ++ goto out; ++ } ++ ++ /* We can directly access the memory. 
*/ ++ num = ((Elf64_Shdr *) (elf->map_address ++ + elf->start_offset + offset))->sh_link; ++ } + else + { + /* We avoid reading in all the section headers. Just read +--- elfutils-0.108/libelf/elf32_getshdr.c.jj 2005-05-14 00:32:57.000000000 +0200 ++++ elfutils-0.108/libelf/elf32_getshdr.c 2005-05-17 15:27:52.000000000 +0200 +@@ -71,7 +71,7 @@ elfw2(LIBELFBITS,getshdr) (scn) + goto out; + size_t size = shnum * sizeof (ElfW2(LIBELFBITS,Shdr)); + +- /* Allocate memory for the program headers. We know the number ++ /* Allocate memory for the section headers. We know the number + of entries from the ELF header. */ + ElfW2(LIBELFBITS,Shdr) *shdr = elf->state.ELFW(elf,LIBELFBITS).shdr = + (ElfW2(LIBELFBITS,Shdr) *) malloc (size); +@@ -93,6 +93,16 @@ elfw2(LIBELFBITS,getshdr) (scn) + && (ehdr->e_shoff + & (__alignof__ (ElfW2(LIBELFBITS,Shdr)) - 1)) != 0)); + ++ /* First see whether the information in the ELF header is ++ valid and it does not ask for too much. */ ++ if (unlikely (ehdr->e_shoff >= elf->maximum_size) ++ || unlikely (ehdr->e_shoff + size > elf->maximum_size)) ++ { ++ /* Something is wrong. */ ++ __libelf_seterrno (ELF_E_INVALID_SECTION_HEADER); ++ goto free_and_out; ++ } ++ + /* Now copy the data and at the same time convert the byte + order. */ + if (ALLOW_UNALIGNED +--- elfutils-0.108/libelf/elf_begin.c.jj 2005-05-17 16:18:51.000000000 +0200 ++++ elfutils-0.108/libelf/elf_begin.c 2005-05-17 17:31:37.000000000 +0200 +@@ -77,7 +77,11 @@ get_shnum (void *map_address, unsigned c + || (((size_t) ((char *) map_address + offset)) + & ((is32 ? __alignof__ (Elf32_Ehdr) : __alignof__ (Elf64_Ehdr)) + - 1)) == 0)) +- ehdr.p = (char *) map_address + offset; ++ { ++ ehdr.p = (char *) map_address + offset; ++ if (maxsize < (is32 ? sizeof (Elf32_Ehdr) : sizeof (Elf64_Ehdr))) ++ return (size_t) -1l; ++ } + else + { + /* We have to read the data from the file. 
*/ +@@ -111,7 +115,8 @@ get_shnum (void *map_address, unsigned c + + if (unlikely (result == 0) && ehdr.e32->e_shoff != 0) + { +- if (offset + ehdr.e32->e_shoff + sizeof (Elf32_Shdr) > maxsize) ++ if (unlikely (ehdr.e32->e_shoff >= maxsize) ++ || unlikely (ehdr.e32->e_shoff + sizeof (Elf32_Shdr) > maxsize)) + /* Cannot read the first section header. */ + return (size_t) -1l; + +@@ -147,7 +152,8 @@ get_shnum (void *map_address, unsigned c + + if (unlikely (result == 0) && ehdr.e64->e_shoff != 0) + { +- if (offset + ehdr.e64->e_shoff + sizeof (Elf64_Shdr) > maxsize) ++ if (unlikely (ehdr.e64->e_shoff >= maxsize) ++ || unlikely (ehdr.e64->e_shoff + sizeof (Elf64_Shdr) > maxsize)) + /* Cannot read the first section header. */ + return (size_t) -1l; + +@@ -220,10 +226,19 @@ file_read_elf (int fildes, void *map_add + + /* Determine the number of sections. */ + scncnt = get_shnum (map_address, e_ident, fildes, offset, maxsize); +- if (scncnt == (size_t) -1l || scncnt > SIZE_MAX / sizeof (Elf_Scn)) ++ if (scncnt == (size_t) -1l) + /* Could not determine the number of sections. */ + return NULL; + ++ /* Check for too many sections. */ ++ if (e_ident[EI_CLASS] == ELFCLASS32) ++ { ++ if (scncnt > SIZE_MAX / (sizeof (Elf_Scn) + sizeof (Elf32_Shdr))) ++ return NULL; ++ } ++ else if (scncnt > SIZE_MAX / (sizeof (Elf_Scn) + sizeof (Elf64_Shdr))) ++ return NULL; ++ + /* We can now allocate the memory. */ + elf = allocate_elf (fildes, map_address, offset, maxsize, cmd, parent, + ELF_K_ELF, scncnt * sizeof (Elf_Scn)); +@@ -255,15 +270,31 @@ file_read_elf (int fildes, void *map_add + /* We can use the mmapped memory. 
*/ + elf->state.elf32.ehdr = + (Elf32_Ehdr *) ((char *) map_address + offset); ++ if (unlikely (elf->state.elf32.ehdr->e_shoff >= maxsize) ++ || unlikely (elf->state.elf32.ehdr->e_shoff ++ + scncnt * sizeof (Elf32_Shdr) > maxsize)) ++ { ++ free_and_out: ++ __libelf_seterrno (ELF_E_INVALID_FILE); ++ free (elf); ++ return NULL; ++ } + elf->state.elf32.shdr = + (Elf32_Shdr *) ((char *) map_address + offset + + elf->state.elf32.ehdr->e_shoff); + if (elf->state.elf32.ehdr->e_phnum) +- /* Assign a value only if there really is a program +- header. Otherwise the value remains NULL. */ +- elf->state.elf32.phdr +- = (Elf32_Phdr *) ((char *) map_address + offset +- + elf->state.elf32.ehdr->e_phoff); ++ { ++ /* Assign a value only if there really is a program ++ header. Otherwise the value remains NULL. */ ++ if (unlikely (elf->state.elf32.ehdr->e_phoff >= maxsize) ++ || unlikely (elf->state.elf32.ehdr->e_phoff ++ + elf->state.elf32.ehdr->e_phnum ++ * sizeof (Elf32_Phdr) > maxsize)) ++ goto free_and_out; ++ elf->state.elf32.phdr ++ = (Elf32_Phdr *) ((char *) map_address + offset ++ + elf->state.elf32.ehdr->e_phoff); ++ } + + for (size_t cnt = 0; cnt < scncnt; ++cnt) + { +@@ -285,8 +316,7 @@ file_read_elf (int fildes, void *map_add + sizeof (Elf32_Ehdr), offset) != sizeof (Elf32_Ehdr)) + { + /* We must be able to read the ELF header. */ +- __libelf_seterrno (ELF_E_INVALID_FILE); +- return NULL; ++ goto free_and_out; + } + + if (e_ident[EI_DATA] != MY_ELFDATA) +@@ -340,15 +370,26 @@ file_read_elf (int fildes, void *map_add + /* We can use the mmapped memory. 
*/ + elf->state.elf64.ehdr = + (Elf64_Ehdr *) ((char *) map_address + offset); ++ if (unlikely (elf->state.elf64.ehdr->e_shoff >= maxsize) ++ || unlikely (elf->state.elf64.ehdr->e_shoff ++ + scncnt * sizeof (Elf64_Shdr) > maxsize)) ++ goto free_and_out; + elf->state.elf64.shdr = + (Elf64_Shdr *) ((char *) map_address + offset + + elf->state.elf64.ehdr->e_shoff); + if (elf->state.elf64.ehdr->e_phnum) +- /* Assign a value only if there really is a program +- header. Otherwise the value remains NULL. */ +- elf->state.elf64.phdr +- = (Elf64_Phdr *) ((char *) map_address + offset +- + elf->state.elf64.ehdr->e_phoff); ++ { ++ /* Assign a value only if there really is a program ++ header. Otherwise the value remains NULL. */ ++ if (unlikely (elf->state.elf64.ehdr->e_phoff >= maxsize) ++ || unlikely (elf->state.elf64.ehdr->e_phoff ++ + elf->state.elf64.ehdr->e_phnum ++ * sizeof (Elf64_Phdr) > maxsize)) ++ goto free_and_out; ++ elf->state.elf64.phdr ++ = (Elf64_Phdr *) ((char *) map_address + offset ++ + elf->state.elf64.ehdr->e_phoff); ++ } + + for (size_t cnt = 0; cnt < scncnt; ++cnt) + { +@@ -370,8 +411,7 @@ file_read_elf (int fildes, void *map_add + sizeof (Elf64_Ehdr), offset) != sizeof (Elf64_Ehdr)) + { + /* We must be able to read the ELF header. 
*/ +- __libelf_seterrno (ELF_E_INVALID_FILE); +- return NULL; ++ goto free_and_out; + } + + if (e_ident[EI_DATA] != MY_ELFDATA) +--- elfutils-0.108/src/elflint.c.jj 2005-05-14 02:22:24.000000000 +0200 ++++ elfutils-0.108/src/elflint.c 2005-05-17 18:02:00.000000000 +0200 +@@ -309,6 +309,8 @@ section_name (Ebl *ebl, int idx) + return "<invalid>"; + + shdr = gelf_getshdr (elf_getscn (ebl->elf, idx), &shdr_mem); ++ if (shdr == NULL) ++ return "<invalid>"; + + ret = elf_strptr (ebl->elf, shstrndx, shdr->sh_name); + if (ret == NULL) +@@ -1639,19 +1641,26 @@ section [%2d] '%s': hash table section i + { + size_t symsize = symshdr->sh_size / symshdr->sh_entsize; + size_t cnt; ++ Elf32_Word *buf, *end; + + if (nchain < symshdr->sh_size / symshdr->sh_entsize) + ERROR (gettext ("section [%2d] '%s': chain array not large enough\n"), + idx, section_name (ebl, idx)); + ++ buf = ((Elf32_Word *) data->d_buf) + 2; ++ end = (Elf32_Word *) ((char *) data->d_buf + shdr->sh_size); + for (cnt = 2; cnt < 2 + nbucket; ++cnt) +- if (((Elf32_Word *) data->d_buf)[cnt] >= symsize) ++ if (buf >= end) ++ return; ++ else if (*buf++ >= symsize) + ERROR (gettext ("\ + section [%2d] '%s': hash bucket reference %zu out of bounds\n"), + idx, section_name (ebl, idx), cnt - 2); + + for (; cnt < 2 + nbucket + nchain; ++cnt) +- if (((Elf32_Word *) data->d_buf)[cnt] >= symsize) ++ if (buf >= end) ++ return; ++ else if (*buf++ >= symsize) + ERROR (gettext ("\ + section [%2d] '%s': hash chain reference %zu out of bounds\n"), + idx, section_name (ebl, idx), cnt - 2 - nbucket); +@@ -2311,6 +2320,8 @@ phdr[%d]: no note entries defined for th + return; + + char *notemem = gelf_rawchunk (ebl->elf, phdr->p_offset, phdr->p_filesz); ++ if (notemem == NULL) ++ return; + + /* ELF64 files often use note section entries in the 32-bit format. + The p_align field is set to 8 in case the 64-bit format is used. |
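Review bot: In the elf_getshstrndx.c part of this patch, both new guards test only the sum, `offset + sizeof (Elf32_Shdr) > elf->maximum_size` and its Elf64_Shdr twin, without the `>= maximum_size` pre-check that the other offset tests added here use. The declaration of `offset` is outside the hunk, but if it holds the raw `e_shoff`, a value near the type's maximum could wrap the addition and pass the test before `sh_link` is read from the mapping. Writing the test as a subtraction removes the dependence on the sum: `if (unlikely (offset >= elf->maximum_size) || unlikely (elf->maximum_size - offset < sizeof (Elf64_Shdr)))`, and the same form would suit the `e_shoff + scncnt * sizeof (...) > maxsize` tests in file_read_elf. In check_hash (elflint.c), `end` is derived from `shdr->sh_size` rather than `data->d_size`, so the walk is bounded correctly only if the two agree, which is not visible here; consider clamping to the smaller of the two.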