Fix segfault in eu-ar -m and Use upstream patch for Fix error of parsing object file perms

fly_fzc 2023-09-01 14:21:01 +08:00
parent f500bee705
commit 01dd6c6759
4 changed files with 105 additions and 48 deletions


@ -1,46 +0,0 @@
From 9e18fcfeb2c8ff471c11da58b05215e219be20fd Mon Sep 17 00:00:00 2001
From: yixiangzhike <yixiangzhike007@163.com>
Date: Tue, 16 Aug 2022 09:49:35 +0800
Subject: [PATCH] fix error of parsing object file perms
---
libelf/elf_begin.c | 20 +++++++++++++++++++-
1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c
index 17d9b1f..581d8ef 100644
--- a/libelf/elf_begin.c
+++ b/libelf/elf_begin.c
@@ -997,10 +997,28 @@ __libelf_next_arhdr_wrlock (Elf *elf)
} \
while (0)
+#define INT_FIELD_HN(FIELD, HN) \
+ do \
+ { \
+ char buf[sizeof (ar_hdr->FIELD) + 1]; \
+ const char *string = ar_hdr->FIELD; \
+ if (ar_hdr->FIELD[sizeof (ar_hdr->FIELD) - 1] != ' ') \
+ { \
+ *((char *) mempcpy (buf, ar_hdr->FIELD, sizeof (ar_hdr->FIELD))) \
+ = '\0'; \
+ string = buf; \
+ } \
+ if (sizeof (elf_ar_hdr->FIELD) <= sizeof (long int)) \
+ elf_ar_hdr->FIELD = (__typeof (elf_ar_hdr->FIELD)) strtol (string, NULL, HN); \
+ else \
+ elf_ar_hdr->FIELD = (__typeof (elf_ar_hdr->FIELD)) strtoll (string, NULL, HN); \
+ } \
+ while (0)
+
INT_FIELD (ar_date);
INT_FIELD (ar_uid);
INT_FIELD (ar_gid);
- INT_FIELD (ar_mode);
+ INT_FIELD_HN (ar_mode, 8);
INT_FIELD (ar_size);
if (elf_ar_hdr->ar_size < 0)
--
2.27.0


@ -0,0 +1,34 @@
From 7170b990d3dc3974b8e670b3c0e4ca6dcc20c853 Mon Sep 17 00:00:00 2001
From: xiezhipeng <xiezhipeng1@huawei.com>
Date: Wed, 8 Dec 2021 09:47:36 +0800
Subject: [PATCH] fix segfault in eu-ar -m
Fix segfaultineu-ar-m.
---
src/ar.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/ar.c b/src/ar.c
index ab6098f..ed5fe2f 100644
--- a/src/ar.c
+++ b/src/ar.c
@@ -1159,6 +1159,7 @@ do_oper_insert (int oper, const char *arfname, char **argv, int argc,
goto next;
struct armem *newp = alloca (sizeof (struct armem));
+ memset (newp, '\0', sizeof(struct armem));
newp->old_off = elf_getaroff (subelf);
newp->size = arhdr->ar_size;
newp->sec = arhdr->ar_date;
@@ -1251,6 +1252,7 @@ do_oper_insert (int oper, const char *arfname, char **argv, int argc,
if (found[cnt] == NULL)
{
found[cnt] = alloca (sizeof (struct armem));
+ memset (found[cnt], '\0', sizeof(struct armem));
found[cnt]->old_off = -1;
remember_long_name (found[cnt], bname, bnamelen);
--
2.27.0
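Review bot: Zero-filling the whole `struct armem` at both `alloca` sites stops the crash, but the patch never says which member was being read uninitialised, so a reader cannot tell whether zero is a meaningful value for it or merely a non-crashing one. In the visible lines only `old_off`, `size` and `sec` are assigned after the first `memset`, and only `old_off` plus whatever `remember_long_name` sets after the second; the rest of `do_oper_insert` is outside both hunks, so the affected member is presumably one that these paths never assign, which is worth confirming and naming in the patch description. That description currently reads only "Fix segfaultineu-ar-m." and carries no bug or upstream reference. I would also tie the size to the object and use a plain zero fill, `memset (newp, 0, sizeof *newp);` and `memset (found[cnt], 0, sizeof *found[cnt]);`, so the calls stay correct if the pointer type ever changes.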


@ -0,0 +1,64 @@
From ee188125b10d1588a0536af033d7b7b1bbbaafaf Mon Sep 17 00:00:00 2001
From: Mark Wielaard <mark@klomp.org>
Date: Sun, 28 Aug 2022 19:51:13 +0200
Subject: [PATCH] libelf: Correctly decode ar_mode as octal string
ar_mode is encoded as an octal ascii string, not decimal. Add a new
OCT_FIELD macro to decode it.
https://sourceware.org/bugzilla/show_bug.cgi?id=28729
Signed-off-by: Mark Wielaard <mark@klomp.org>
---
libelf/elf_begin.c | 25 +++++++++++++++++++++++--
1 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c
index 17d9b1f3..71eb3594 100644
--- a/libelf/elf_begin.c
+++ b/libelf/elf_begin.c
@@ -977,7 +977,8 @@ __libelf_next_arhdr_wrlock (Elf *elf)
atoll depending on the size of the types. We are also prepared
for the case where the whole field in the `struct ar_hdr' is
filled in which case we cannot simply use atol/l but instead have
- to create a temporary copy. */
+ to create a temporary copy. Note that all fields use decimal
+ encoding, except ar_mode which uses octal. */
#define INT_FIELD(FIELD) \
do \
@@ -997,10 +998,30 @@ __libelf_next_arhdr_wrlock (Elf *elf)
} \
while (0)
+#define OCT_FIELD(FIELD) \
+ do \
+ { \
+ char buf[sizeof (ar_hdr->FIELD) + 1]; \
+ const char *string = ar_hdr->FIELD; \
+ if (ar_hdr->FIELD[sizeof (ar_hdr->FIELD) - 1] != ' ') \
+ { \
+ *((char *) mempcpy (buf, ar_hdr->FIELD, sizeof (ar_hdr->FIELD))) \
+ = '\0'; \
+ string = buf; \
+ } \
+ if (sizeof (elf_ar_hdr->FIELD) <= sizeof (long int)) \
+ elf_ar_hdr->FIELD \
+ = (__typeof (elf_ar_hdr->FIELD)) strtol (string, NULL, 8); \
+ else \
+ elf_ar_hdr->FIELD \
+ = (__typeof (elf_ar_hdr->FIELD)) strtoll (string, NULL, 8); \
+ } \
+ while (0)
+
INT_FIELD (ar_date);
INT_FIELD (ar_uid);
INT_FIELD (ar_gid);
- INT_FIELD (ar_mode);
+ OCT_FIELD (ar_mode);
INT_FIELD (ar_size);
if (elf_ar_hdr->ar_size < 0)
--
2.27.0
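Review bot: `OCT_FIELD` calls `strtol (string, NULL, 8)` and `strtoll (string, NULL, 8)` with a NULL end pointer, so an `ar_mode` field that is blank or contains non-octal characters is silently decoded to 0 or to the value of its leading digits. The field comes straight from the archive header, which is file-supplied data, so any caller that later applies `ar_mode` to a file it creates is trusting an unvalidated value. I would at least document that above the macro, e.g. `/* The result is not validated: a malformed field decodes to 0 or to its leading octal digits. */`, or pass an end pointer and treat a field with no digits consumed as an invalid header. `INT_FIELD` just above appears to follow the same pattern (its body is outside the hunk), and since this is a verbatim upstream backport, any behavioural change probably belongs upstream rather than in this package.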


@ -1,17 +1,18 @@
# -*- rpm-spec from http://elfutils.org/ -*-
Name: elfutils
Version: 0.180
Release: 14
Release: 15
Summary: A collection of utilities and DSOs to handle ELF files and DWARF data
URL: http://elfutils.org/
License: GPLv3+ and (GPLv2+ or LGPLv3+)
Source: ftp://sourceware.org/pub/elfutils/%{version}/elfutils-%{version}.tar.bz2
Patch0: backport-elfclassify-Fix-no-stdin-flag.patch
Patch1: Fix-error-of-parsing-object-file-perms.patch
Patch1: backport-libelf-Correctly-decode-ar_mode-as-octal-string.patch
Patch2: Fix-issue-of-moving-files-by-ar-or-br.patch
Patch3: Get-instance-correctly-for-eu-ar-N-option.patch
Patch4: backport-CVE-2021-33294-readelf-Sanity-check-verneed-and-verdef-offsets-in-h.patch
Patch5: Fix-segfault-in-eu-ar-m.patch
Requires: elfutils-libelf = %{version}-%{release}
Requires: elfutils-libs = %{version}-%{release}
@ -302,6 +303,10 @@ exit 0
%systemd_postun_with_restart debuginfod.service
%changelog
* Fri Sep 01 2023 fuanan <fuanan3@h-partners.com> - 0.180-15
- Fix segfault in eu-ar -m
- Use upstream patch for Fix error of parsing object file perms
* Wed Jul 19 2023 fuanan <fuanan3@h-partners.com> - 0.180-14
- Fix CVE-2021-33294