From 9554a932e9bba6a400e2eb6f84c4018898a7aa5d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?coadde=20=5BM=C3=A1rcio=20Alexandre=20Silva=20Delgado=5D?=
 <coadde@parabola.nu>
Date: Sun, 30 Nov 2014 13:34:20 -0200
Subject: update cross-binutils

---
 .../binutils-2.24-CVE-2014-8501.patch              | 26 ++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 cross/cross-binutils/binutils-2.24-CVE-2014-8501.patch

(limited to 'cross/cross-binutils/binutils-2.24-CVE-2014-8501.patch')

diff --git a/cross/cross-binutils/binutils-2.24-CVE-2014-8501.patch b/cross/cross-binutils/binutils-2.24-CVE-2014-8501.patch
new file mode 100644
index 000000000..131288585
--- /dev/null
+++ b/cross/cross-binutils/binutils-2.24-CVE-2014-8501.patch
@@ -0,0 +1,26 @@
+diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
+index 2fb631c..987be40 100644
+--- a/bfd/peXXigen.c
++++ b/bfd/peXXigen.c
+@@ -504,6 +504,18 @@ _bfd_XXi_swap_aouthdr_in (bfd * abfd,
+   {
+     int idx;
+ 
++    /* PR 17512: Corrupt PE binaries can cause seg-faults.  */
++    if (a->NumberOfRvaAndSizes > 16)
++      {
++	(*_bfd_error_handler)
++	  (_("%B: aout header specifies an invalid number of data-directory entries: %d"),
++	   abfd, a->NumberOfRvaAndSizes);
++	/* Paranoia: If the number is corrupt, then assume that the
++	   actual entries themselves might be corrupt as well.  */
++	a->NumberOfRvaAndSizes = 0;
++      }
++
++
+     for (idx = 0; idx < a->NumberOfRvaAndSizes; idx++)
+       {
+         /* If data directory is empty, rva also should be 0.  */
+-- 
+1.7.1
+
-- 
cgit v1.2.3-2-g168b