meta/recipes-devtools/binutils/binutils/CVE-2022-47007.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

From 0ebc886149c22aceaf8ed74267821a59ca9d03eb Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Fri, 17 Jun 2022 09:00:41 +0930
Subject: [PATCH] PR29254, memory leak in stab_demangle_v3_arg

	PR 29254
	* stabs.c (stab_demangle_v3_arg): Free dt on failure path.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb]
CVE: CVE-2022-47007
Signed-off-by: Virendra Thakur <virendrak@kpit.com>
Comment: Patch refreshed based on codebase.
---
 binutils/stabs.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/binutils/stabs.c b/binutils/stabs.c
index 2b5241637c1..796ff85b86a 100644
--- a/binutils/stabs.c
+++ b/binutils/stabs.c
@@ -5476,7 +5476,10 @@
 					  dc->u.s_binary.right,
 					  &varargs);
 	if (pargs == NULL)
-	  return NULL;
+         {
+           free (dt);
+           return NULL;
+         }
 
 	return debug_make_function_type (dhandle, dt, pargs, varargs);
       }