binutils: add fix for CVE-2022-38533 (heap buffer-overflow in strip).

From upstream commit log: PR29482 - strip: heap-buffer-overflow PR 29482 * coffcode.h (coff_set_section_contents): Sanity check _LIB.
2022-12-12 21:41:19 +00:00 · 2022-12-12 21:41:19 +00:00 · 1e709f0a64
commit 1e709f0a64
parent 0a7b6c018e
2 changed files with 24 additions and 0 deletions
--- a/devel/binutils/Makefile
+++ b/devel/binutils/Makefile
@ -1,6 +1,7 @@
 COMMENT =	GNU binary utilities

 DISTNAME =	binutils-2.39
+REVISION =	0

 CATEGORIES =	devel

--- a/devel/binutils/patches/patch-bfd_coffcode_h
+++ b/devel/binutils/patches/patch-bfd_coffcode_h
@ -0,0 +1,23 @@
+Fix for CVE-2022-38533: heap buffer overflow in strip (Binutils PR29482).
+
+Upstream commit ef186fe54aa6d281a3ff8a9528417e5cc614c797.
+
+Index: bfd/coffcode.h
+--- bfd/coffcode.h.orig
+++ bfd/coffcode.h
+@@ -4284,10 +4284,13 @@ coff_set_section_contents (bfd * abfd,
+ 
+ 	rec = (bfd_byte *) location;
+ 	recend = rec + count;
+-	while (rec < recend)
+	while (recend - rec >= 4)
+ 	  {
+	    size_t len = bfd_get_32 (abfd, rec);
+	    if (len == 0 || len > (size_t) (recend - rec) / 4)
+	      break;
+	    rec += len * 4;
+ 	    ++section->lma;
+-	    rec += bfd_get_32 (abfd, rec) * 4;
+ 	  }
+ 
+ 	BFD_ASSERT (rec == recend);