summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorArmin Kuster <akuster808@gmail.com>2016-05-10 17:26:39 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-05-17 20:56:08 +0100
commit7bf396e7bdb3faaf900f99f72446f19df1cffe88 (patch)
tree41c2402779d63cdc145fa884b9ac5409240881ce
parent07820907d25970f2c22497415aa6ff95fe43dc40 (diff)
downloadopenembedded-core-7bf396e7bdb3faaf900f99f72446f19df1cffe88.tar.gz
openembedded-core-7bf396e7bdb3faaf900f99f72446f19df1cffe88.tar.bz2
openembedded-core-7bf396e7bdb3faaf900f99f72446f19df1cffe88.zip
gcc: Security fix CVE-2016-4489
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r--meta/recipes-devtools/gcc/gcc-5.2.inc1
-rw-r--r--meta/recipes-devtools/gcc/gcc-5.2/CVE-2016-4489.patch56
2 files changed, 57 insertions, 0 deletions
diff --git a/meta/recipes-devtools/gcc/gcc-5.2.inc b/meta/recipes-devtools/gcc/gcc-5.2.inc
index 2d9ba6d5cd..2e870629fb 100644
--- a/meta/recipes-devtools/gcc/gcc-5.2.inc
+++ b/meta/recipes-devtools/gcc/gcc-5.2.inc
@@ -75,6 +75,7 @@ SRC_URI = "\
file://0041-handle-target-sysroot-multilib.patch \
file://0042-cxxflags-for-build.patch \
file://CVE-2016-4488.patch \
+ file://CVE-2016-4489.patch \
"
BACKPORTS = ""
diff --git a/meta/recipes-devtools/gcc/gcc-5.2/CVE-2016-4489.patch b/meta/recipes-devtools/gcc/gcc-5.2/CVE-2016-4489.patch
new file mode 100644
index 0000000000..68edca4d06
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc-5.2/CVE-2016-4489.patch
@@ -0,0 +1,56 @@
+From 053ec2207203a194d2ae82e2f164009aad3f14d2 Mon Sep 17 00:00:00 2001
+From: bernds <bernds@138bc75d-0d04-0410-961f-82ee72b054a4>
+Date: Fri, 8 Apr 2016 12:06:59 +0000
+Subject: [PATCH] =?UTF-8?q?Handle=20an=20overflow=20case=20(PR70498,=20pat?=
+ =?UTF-8?q?ch=20by=20Marcel=20B=C3=B6hme).?=
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+ PR c++/70498
+ * cplus-dem.c (gnu_special): Handle case where consume_count returns
+ -1.
+
+
+
+git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@234828 138bc75d-0d04-0410-961f-82ee72b054a4
+
+Upstream-Status: Backport
+CVE: CVE-2016-4489
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ libiberty/ChangeLog | 6 ++++++
+ libiberty/cplus-dem.c | 5 +++++
+ 2 files changed, 11 insertions(+)
+
+Index: gcc-5.2.0/libiberty/ChangeLog
+===================================================================
+--- gcc-5.2.0.orig/libiberty/ChangeLog
++++ gcc-5.2.0/libiberty/ChangeLog
+@@ -1,3 +1,9 @@
++2016-04-08 Marcel Böhme <boehme.marcel@gmail.com>
++
++ PR c++/70498
++ * cplus-dem.c (gnu_special): Handle case where consume_count returns
++ -1.
++
+ 2016-03-31 Mikhail Maltsev <maltsevm@gmail.com>
+ Marcel Bohme boehme.marcel@gmail.com
+
+Index: gcc-5.2.0/libiberty/cplus-dem.c
+===================================================================
+--- gcc-5.2.0.orig/libiberty/cplus-dem.c
++++ gcc-5.2.0/libiberty/cplus-dem.c
+@@ -3001,6 +3001,11 @@ gnu_special (struct work_stuff *work, co
+ success = 1;
+ break;
+ }
++ else if (n == -1)
++ {
++ success = 0;
++ break;
++ }
+ }
+ else
+ {