forked from openembedded/meta-openembedded
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Source: meta-openembedded MR: 129773 Type: Integration Disposition: Merged from meta-openembedded ChangeID: 7f5ded2 Description: Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file. References: yasm/yasm#233 https://nvd.nist.gov/vuln/detail/CVE-2023-37732 Signed-off-by: Soumya <soumya.sambu@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 41fffef) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
- Loading branch information
1 parent
4c88bac
commit 6bb97bd
Showing
2 changed files
with
42 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
From 2cd3bb50e256f5ed5f611ac611d25fe673f2cec3 Mon Sep 17 00:00:00 2001 | ||
From: Peter Johnson <johnson.peter@gmail.com> | ||
Date: Fri, 11 Aug 2023 10:49:51 +0000 | ||
Subject: [PATCH] elf.c: Fix NULL deref on bad xsize expression (#234) | ||
|
||
CVE: CVE-2023-37732 | ||
|
||
Upstream-Status: Backport [https://github.com/yasm/yasm/commit/2cd3bb50e256f5ed5f611ac611d25fe673f2cec3] | ||
|
||
Signed-off-by: Soumya <soumya.sambu@windriver.com> | ||
--- | ||
modules/objfmts/elf/elf.c | 10 +++++----- | ||
1 file changed, 5 insertions(+), 5 deletions(-) | ||
|
||
diff --git a/modules/objfmts/elf/elf.c b/modules/objfmts/elf/elf.c | ||
index 2486bba8..bab4c9ca 100644 | ||
--- a/modules/objfmts/elf/elf.c | ||
+++ b/modules/objfmts/elf/elf.c | ||
@@ -482,15 +482,15 @@ elf_symtab_write_to_file(FILE *f, elf_symtab_head *symtab, | ||
|
||
/* get size (if specified); expr overrides stored integer */ | ||
if (entry->xsize) { | ||
- size_intn = yasm_intnum_copy( | ||
- yasm_expr_get_intnum(&entry->xsize, 1)); | ||
- if (!size_intn) { | ||
+ yasm_intnum *intn = yasm_expr_get_intnum(&entry->xsize, 1); | ||
+ if (!intn) { | ||
yasm_error_set(YASM_ERROR_VALUE, | ||
N_("size specifier not an integer expression")); | ||
yasm_errwarn_propagate(errwarns, entry->xsize->line); | ||
- } | ||
+ } else | ||
+ size_intn = yasm_intnum_copy(intn); | ||
} | ||
- else | ||
+ if (!size_intn) | ||
size_intn = yasm_intnum_create_uint(entry->size); | ||
|
||
/* get EQU value for constants */ | ||
-- | ||
2.40.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters