[PATCH] gdb: Fix CVE-2019-1010180

[PATCH] gdb: Fix CVE-2019-1010180

[Vinay Kumar]

Backport the upstream fix. that was not present in master.

Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>

Upstream-Status: Pending
---
 meta/recipes-devtools/gdb/gdb-8.3.1.inc            |  1 +
 .../gdb/gdb/CVE-2019-1010180.patch                 | 34 ++++++++++++++++++++++
 2 files changed, 35 insertions(+)
 create mode 100644 meta/recipes-devtools/gdb/gdb/CVE-2019-1010180.patch

diff --git a/meta/recipes-devtools/gdb/gdb-8.3.1.inc b/meta/recipes-devtools/gdb/gdb-8.3.1.inc
index 39f1c48..aec913f 100644
--- a/meta/recipes-devtools/gdb/gdb-8.3.1.inc
+++ b/meta/recipes-devtools/gdb/gdb-8.3.1.inc
@@ -16,6 +16,7 @@ SRC_URI = "${GNU_MIRROR}/gdb/gdb-${PV}.tar.xz \
            file://0009-Change-order-of-CFLAGS.patch \
            file://0010-resolve-restrict-keyword-conflict.patch \
            file://0011-Fix-invalid-sigprocmask-call.patch \
+           file://CVE-2019-1010180.patch \
            "
 SRC_URI[md5sum] = "73b6a5d8141672c62bf851cd34c4aa83"
 SRC_URI[sha256sum] = "1e55b4d7cdca7b34be12f4ceae651623aa73b2fd640152313f9f66a7149757c4"
diff --git a/meta/recipes-devtools/gdb/gdb/CVE-2019-1010180.patch b/meta/recipes-devtools/gdb/gdb/CVE-2019-1010180.patch
new file mode 100644
index 0000000..6e52024
--- /dev/null
+++ b/meta/recipes-devtools/gdb/gdb/CVE-2019-1010180.patch
@@ -0,0 +1,34 @@
+diff --git a/gdb/ChangeLog b/gdb/ChangeLog
+index 961a2e2..1dfb0cb 100644
+--- a/gdb/ChangeLog
++++ b/gdb/ChangeLog
+@@ -1,3 +1,9 @@
++2019-10-16  Keith Seitz  <keiths@redhat.com>
++
++	PR gdb/23567
++	* dwarf2read.c (dwarf2_per_objfile::locate_sections): Discard
++	sections whose size is greater than the file size.
++
+ 2019-09-20  Joel Brobecker  <brobecker@adacore.com>
+ 
+ 	* version.in: Set GDB version number to 8.3.1.
+diff --git a/gdb/dwarf2read.c b/gdb/dwarf2read.c
+index 4251ed0..fafdb89 100644
+--- a/gdb/dwarf2read.c
++++ b/gdb/dwarf2read.c
+@@ -2378,6 +2378,15 @@ dwarf2_per_objfile::locate_sections (bfd *abfd, asection *sectp,
+   if ((aflag & SEC_HAS_CONTENTS) == 0)
+     {
+     }
++  else if (elf_section_data (sectp)->this_hdr.sh_size
++	   > bfd_get_file_size (abfd))
++    {
++      bfd_size_type size = elf_section_data (sectp)->this_hdr.sh_size;
++      warning (_("Discarding section %s which has a section size (%s"
++		 ") larger than the file size [in module %s]"),
++	       bfd_section_name (abfd, sectp), phex_nz (size, sizeof (size)),
++	       bfd_get_filename (abfd));
++    }
+   else if (section_is_p (sectp->name, &names.info))
+     {
+       this->info.s.section = sectp;
-- 
2.7.4

✗ patchtest: failure for gdb: Fix CVE-2019-1010180

[Patchwork]

== Series Details ==

Series: gdb: Fix CVE-2019-1010180
Revision: 1
URL   : https://patchwork.openembedded.org/series/20820/
State : failure

== Summary ==


Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:



* Patch            gdb: Fix CVE-2019-1010180
 Issue             Missing or incorrectly formatted CVE tag in included patch file [test_cve_tag_format] 
  Suggested fix    Correct or include the CVE tag on cve patch with format: "CVE: CVE-YYYY-XXXX"

* Issue             A patch file has been added, but does not have a Signed-off-by tag [test_signed_off_by_presence] 
  Suggested fix    Sign off the added patch file (meta/recipes-devtools/gdb/gdb/CVE-2019-1010180.patch)

* Issue             Added patch file is missing Upstream-Status in the header [test_upstream_status_presence_format] 
  Suggested fix    Add Upstream-Status: <Valid status> to the header of meta/recipes-devtools/gdb/gdb/CVE-2019-1010180.patch
  Standard format  Upstream-Status: <Valid status>
  Valid status     Pending, Accepted, Backport, Denied, Inappropriate [reason], Submitted [where]



If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).

---
Guidelines:     https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite:     http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe

Re: [PATCH] gdb: Fix CVE-2019-1010180

[Ross Burton]

On 31/10/2019 10:23, Vinay Kumar wrote:
> Backport the upstream fix. that was not present in master.
> 
> Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com>
> 
> Upstream-Status: Pending

As per patchtest:

- the commit message shoud have your S-o-b
- the patch you're adding (CVE-2019-1010180.patch) should have an 
explanation of the changes, a CVE tag (CVE: CVE-2019-1010180), an 
Upstream-Status tag (you said its a backport, so set it to Backport), 
and your S-o-b.

Note that for sanity its probably best to remove the Changelog chunk 
from the patch, as other backported patches which also touch the 
changelog will conflict.

Ross