Re: [OE-core] [PATCH RESEND] gdb: Bump from 8.3 to 8.3.1
master is frozen for non-bug-fixes becuase we're past M3, this is queued in ross/mut until master re-opens when 3.0 is released. Ross -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [PATCH RESEND] gdb: Bump from 8.3 to 8.3.1
On Tue, Oct 8, 2019 at 10:49 AM akuster808 wrote:
>
>
>
> On 10/8/19 8:50 AM, Alistair Francis wrote:
> > Signed-off-by: Alistair Francis
> > ---
> > .../gdb/{gdb-8.3.inc => gdb-8.3.1.inc}| 5 +-
> > ...ian_8.3.bb => gdb-cross-canadian_8.3.1.bb} | 0
> > .../{gdb-cross_8.3.bb => gdb-cross_8.3.1.bb} | 0
> > .../gdb/gdb/CVE-2017-9778.patch | 98 ---
> > .../gdb/{gdb_8.3.bb => gdb_8.3.1.bb} | 0
> > 5 files changed, 2 insertions(+), 101 deletions(-)
> > rename meta/recipes-devtools/gdb/{gdb-8.3.inc => gdb-8.3.1.inc} (85%)
> > rename meta/recipes-devtools/gdb/{gdb-cross-canadian_8.3.bb =>
> > gdb-cross-canadian_8.3.1.bb} (100%)
> > rename meta/recipes-devtools/gdb/{gdb-cross_8.3.bb => gdb-cross_8.3.1.bb}
> > (100%)
> > delete mode 100644 meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
> > rename meta/recipes-devtools/gdb/{gdb_8.3.bb => gdb_8.3.1.bb} (100%)
>
> is this a bug fix only update?
I think so, but I don't know for sure.
Alistair
>
> - armin
> >
> > diff --git a/meta/recipes-devtools/gdb/gdb-8.3.inc
> > b/meta/recipes-devtools/gdb/gdb-8.3.1.inc
> > similarity index 85%
> > rename from meta/recipes-devtools/gdb/gdb-8.3.inc
> > rename to meta/recipes-devtools/gdb/gdb-8.3.1.inc
> > index 070c17d4a1..39f1c48cc7 100644
> > --- a/meta/recipes-devtools/gdb/gdb-8.3.inc
> > +++ b/meta/recipes-devtools/gdb/gdb-8.3.1.inc
> > @@ -16,7 +16,6 @@ SRC_URI = "${GNU_MIRROR}/gdb/gdb-${PV}.tar.xz \
> > file://0009-Change-order-of-CFLAGS.patch \
> > file://0010-resolve-restrict-keyword-conflict.patch \
> > file://0011-Fix-invalid-sigprocmask-call.patch \
> > - file://CVE-2017-9778.patch \
> > "
> > -SRC_URI[md5sum] = "bbd95b2f9b34621ad7a19a3965476314"
> > -SRC_URI[sha256sum] =
> > "802f7ee309dcc547d65a68d61ebd6526762d26c3051f52caebe2189ac1ffd72e"
> > +SRC_URI[md5sum] = "73b6a5d8141672c62bf851cd34c4aa83"
> > +SRC_URI[sha256sum] =
> > "1e55b4d7cdca7b34be12f4ceae651623aa73b2fd640152313f9f66a7149757c4"
> > diff --git a/meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.bb
> > b/meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.1.bb
> > similarity index 100%
> > rename from meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.bb
> > rename to meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.1.bb
> > diff --git a/meta/recipes-devtools/gdb/gdb-cross_8.3.bb
> > b/meta/recipes-devtools/gdb/gdb-cross_8.3.1.bb
> > similarity index 100%
> > rename from meta/recipes-devtools/gdb/gdb-cross_8.3.bb
> > rename to meta/recipes-devtools/gdb/gdb-cross_8.3.1.bb
> > diff --git a/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
> > b/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
> > deleted file mode 100644
> > index f142ed00d7..00
> > --- a/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
> > +++ /dev/null
> > @@ -1,98 +0,0 @@
> > -From 6ad3791f095cfc1b0294f62c4b3a524ba735595e Mon Sep 17 00:00:00 2001
> > -From: Sandra Loosemore
> > -Date: Thu, 25 Apr 2019 07:27:02 -0700
> > -Subject: [PATCH] Detect invalid length field in debug frame FDE header.
> > -
> > -GDB was failing to catch cases where a corrupt ELF or core file
> > -contained an invalid length value in a Dwarf debug frame FDE header.
> > -It was checking for buffer overflow but not cases where the length was
> > -negative or caused pointer wrap-around.
> > -
> > -In addition to the additional validity check, this patch cleans up the
> > -multiple signed/unsigned conversions on the length field so that an
> > -unsigned representation is used consistently throughout.
> > -
> > -This patch fixes CVE-2017-9778 and PR gdb/21600.
> > -
> > -2019-04-25 Sandra Loosemore
> > - Kang Li
> > -
> > - PR gdb/21600
> > -
> > - * dwarf2-frame.c (read_initial_length): Be consistent about using
> > - unsigned representation of length.
> > - (decode_frame_entry_1): Likewise. Check for wraparound of
> > - end pointer as well as buffer overflow.
> > -
> > -Upstream-Status: Backport
> > -CVE: CVE-2017-9778
> > -Signed-off-by: Anuj Mittal
> >
> > - gdb/ChangeLog | 10 ++
> > - gdb/dwarf2-frame.c | 14 +++---
> > - 2 files changed, 17 insertions(+), 7 deletions(-)
> > -
> > -diff --git a/gdb/ChangeLog b/gdb/ChangeLog
> > -index 1c125de..d028d2b 100644
> > a/gdb/ChangeLog
> > -+++ b/gdb/ChangeLog
> > -@@ -1,3 +1,13 @@
> > -+2019-04-25 Sandra Loosemore
> > -+Kang Li
> > -+
> > -+PR gdb/21600
> > -+
> > -+* dwarf2-frame.c (read_initial_length): Be consistent about using
> > -+unsigned representation of length.
> > -+(decode_frame_entry_1): Likewise. Check for wraparound of
> > -+end pointer as well as buffer overflow.
> > -+
> > - 2019-05-11 Joel Brobecker
> > -
> > - * version.in: Set GDB version number to 8.3.
> > -diff --git a/gdb/dwarf2-frame.c b/gdb/dwarf2-frame.c
> > -index 178ac44..dc5d3b3 100644
> > a/gdb/dwarf2-frame.c
> > -+++ b/gdb/dwarf2-frame.c
> > -@@ -1488,7
Re: [OE-core] [PATCH RESEND] gdb: Bump from 8.3 to 8.3.1
On 10/8/19 8:50 AM, Alistair Francis wrote:
> Signed-off-by: Alistair Francis
> ---
> .../gdb/{gdb-8.3.inc => gdb-8.3.1.inc}| 5 +-
> ...ian_8.3.bb => gdb-cross-canadian_8.3.1.bb} | 0
> .../{gdb-cross_8.3.bb => gdb-cross_8.3.1.bb} | 0
> .../gdb/gdb/CVE-2017-9778.patch | 98 ---
> .../gdb/{gdb_8.3.bb => gdb_8.3.1.bb} | 0
> 5 files changed, 2 insertions(+), 101 deletions(-)
> rename meta/recipes-devtools/gdb/{gdb-8.3.inc => gdb-8.3.1.inc} (85%)
> rename meta/recipes-devtools/gdb/{gdb-cross-canadian_8.3.bb =>
> gdb-cross-canadian_8.3.1.bb} (100%)
> rename meta/recipes-devtools/gdb/{gdb-cross_8.3.bb => gdb-cross_8.3.1.bb}
> (100%)
> delete mode 100644 meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
> rename meta/recipes-devtools/gdb/{gdb_8.3.bb => gdb_8.3.1.bb} (100%)
is this a bug fix only update?
- armin
>
> diff --git a/meta/recipes-devtools/gdb/gdb-8.3.inc
> b/meta/recipes-devtools/gdb/gdb-8.3.1.inc
> similarity index 85%
> rename from meta/recipes-devtools/gdb/gdb-8.3.inc
> rename to meta/recipes-devtools/gdb/gdb-8.3.1.inc
> index 070c17d4a1..39f1c48cc7 100644
> --- a/meta/recipes-devtools/gdb/gdb-8.3.inc
> +++ b/meta/recipes-devtools/gdb/gdb-8.3.1.inc
> @@ -16,7 +16,6 @@ SRC_URI = "${GNU_MIRROR}/gdb/gdb-${PV}.tar.xz \
> file://0009-Change-order-of-CFLAGS.patch \
> file://0010-resolve-restrict-keyword-conflict.patch \
> file://0011-Fix-invalid-sigprocmask-call.patch \
> - file://CVE-2017-9778.patch \
> "
> -SRC_URI[md5sum] = "bbd95b2f9b34621ad7a19a3965476314"
> -SRC_URI[sha256sum] =
> "802f7ee309dcc547d65a68d61ebd6526762d26c3051f52caebe2189ac1ffd72e"
> +SRC_URI[md5sum] = "73b6a5d8141672c62bf851cd34c4aa83"
> +SRC_URI[sha256sum] =
> "1e55b4d7cdca7b34be12f4ceae651623aa73b2fd640152313f9f66a7149757c4"
> diff --git a/meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.bb
> b/meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.1.bb
> similarity index 100%
> rename from meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.bb
> rename to meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.1.bb
> diff --git a/meta/recipes-devtools/gdb/gdb-cross_8.3.bb
> b/meta/recipes-devtools/gdb/gdb-cross_8.3.1.bb
> similarity index 100%
> rename from meta/recipes-devtools/gdb/gdb-cross_8.3.bb
> rename to meta/recipes-devtools/gdb/gdb-cross_8.3.1.bb
> diff --git a/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
> b/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
> deleted file mode 100644
> index f142ed00d7..00
> --- a/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
> +++ /dev/null
> @@ -1,98 +0,0 @@
> -From 6ad3791f095cfc1b0294f62c4b3a524ba735595e Mon Sep 17 00:00:00 2001
> -From: Sandra Loosemore
> -Date: Thu, 25 Apr 2019 07:27:02 -0700
> -Subject: [PATCH] Detect invalid length field in debug frame FDE header.
> -
> -GDB was failing to catch cases where a corrupt ELF or core file
> -contained an invalid length value in a Dwarf debug frame FDE header.
> -It was checking for buffer overflow but not cases where the length was
> -negative or caused pointer wrap-around.
> -
> -In addition to the additional validity check, this patch cleans up the
> -multiple signed/unsigned conversions on the length field so that an
> -unsigned representation is used consistently throughout.
> -
> -This patch fixes CVE-2017-9778 and PR gdb/21600.
> -
> -2019-04-25 Sandra Loosemore
> - Kang Li
> -
> - PR gdb/21600
> -
> - * dwarf2-frame.c (read_initial_length): Be consistent about using
> - unsigned representation of length.
> - (decode_frame_entry_1): Likewise. Check for wraparound of
> - end pointer as well as buffer overflow.
> -
> -Upstream-Status: Backport
> -CVE: CVE-2017-9778
> -Signed-off-by: Anuj Mittal
>
> - gdb/ChangeLog | 10 ++
> - gdb/dwarf2-frame.c | 14 +++---
> - 2 files changed, 17 insertions(+), 7 deletions(-)
> -
> -diff --git a/gdb/ChangeLog b/gdb/ChangeLog
> -index 1c125de..d028d2b 100644
> a/gdb/ChangeLog
> -+++ b/gdb/ChangeLog
> -@@ -1,3 +1,13 @@
> -+2019-04-25 Sandra Loosemore
> -+Kang Li
> -+
> -+PR gdb/21600
> -+
> -+* dwarf2-frame.c (read_initial_length): Be consistent about using
> -+unsigned representation of length.
> -+(decode_frame_entry_1): Likewise. Check for wraparound of
> -+end pointer as well as buffer overflow.
> -+
> - 2019-05-11 Joel Brobecker
> -
> - * version.in: Set GDB version number to 8.3.
> -diff --git a/gdb/dwarf2-frame.c b/gdb/dwarf2-frame.c
> -index 178ac44..dc5d3b3 100644
> a/gdb/dwarf2-frame.c
> -+++ b/gdb/dwarf2-frame.c
> -@@ -1488,7 +1488,7 @@ static ULONGEST
> - read_initial_length (bfd *abfd, const gdb_byte *buf,
> - unsigned int *bytes_read_ptr)
> - {
> -- LONGEST result;
> -+ ULONGEST result;
> -
> - result = bfd_get_32 (abfd, buf);
> - if (result == 0x)
> -@@ -1789,7 +1789,7 @@ decode_frame_entry_1 (struct comp_unit *unit
[OE-core] [PATCH RESEND] gdb: Bump from 8.3 to 8.3.1
Signed-off-by: Alistair Francis
---
.../gdb/{gdb-8.3.inc => gdb-8.3.1.inc}| 5 +-
...ian_8.3.bb => gdb-cross-canadian_8.3.1.bb} | 0
.../{gdb-cross_8.3.bb => gdb-cross_8.3.1.bb} | 0
.../gdb/gdb/CVE-2017-9778.patch | 98 ---
.../gdb/{gdb_8.3.bb => gdb_8.3.1.bb} | 0
5 files changed, 2 insertions(+), 101 deletions(-)
rename meta/recipes-devtools/gdb/{gdb-8.3.inc => gdb-8.3.1.inc} (85%)
rename meta/recipes-devtools/gdb/{gdb-cross-canadian_8.3.bb =>
gdb-cross-canadian_8.3.1.bb} (100%)
rename meta/recipes-devtools/gdb/{gdb-cross_8.3.bb => gdb-cross_8.3.1.bb}
(100%)
delete mode 100644 meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
rename meta/recipes-devtools/gdb/{gdb_8.3.bb => gdb_8.3.1.bb} (100%)
diff --git a/meta/recipes-devtools/gdb/gdb-8.3.inc
b/meta/recipes-devtools/gdb/gdb-8.3.1.inc
similarity index 85%
rename from meta/recipes-devtools/gdb/gdb-8.3.inc
rename to meta/recipes-devtools/gdb/gdb-8.3.1.inc
index 070c17d4a1..39f1c48cc7 100644
--- a/meta/recipes-devtools/gdb/gdb-8.3.inc
+++ b/meta/recipes-devtools/gdb/gdb-8.3.1.inc
@@ -16,7 +16,6 @@ SRC_URI = "${GNU_MIRROR}/gdb/gdb-${PV}.tar.xz \
file://0009-Change-order-of-CFLAGS.patch \
file://0010-resolve-restrict-keyword-conflict.patch \
file://0011-Fix-invalid-sigprocmask-call.patch \
- file://CVE-2017-9778.patch \
"
-SRC_URI[md5sum] = "bbd95b2f9b34621ad7a19a3965476314"
-SRC_URI[sha256sum] =
"802f7ee309dcc547d65a68d61ebd6526762d26c3051f52caebe2189ac1ffd72e"
+SRC_URI[md5sum] = "73b6a5d8141672c62bf851cd34c4aa83"
+SRC_URI[sha256sum] =
"1e55b4d7cdca7b34be12f4ceae651623aa73b2fd640152313f9f66a7149757c4"
diff --git a/meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.bb
b/meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.1.bb
similarity index 100%
rename from meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.bb
rename to meta/recipes-devtools/gdb/gdb-cross-canadian_8.3.1.bb
diff --git a/meta/recipes-devtools/gdb/gdb-cross_8.3.bb
b/meta/recipes-devtools/gdb/gdb-cross_8.3.1.bb
similarity index 100%
rename from meta/recipes-devtools/gdb/gdb-cross_8.3.bb
rename to meta/recipes-devtools/gdb/gdb-cross_8.3.1.bb
diff --git a/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
b/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
deleted file mode 100644
index f142ed00d7..00
--- a/meta/recipes-devtools/gdb/gdb/CVE-2017-9778.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-From 6ad3791f095cfc1b0294f62c4b3a524ba735595e Mon Sep 17 00:00:00 2001
-From: Sandra Loosemore
-Date: Thu, 25 Apr 2019 07:27:02 -0700
-Subject: [PATCH] Detect invalid length field in debug frame FDE header.
-
-GDB was failing to catch cases where a corrupt ELF or core file
-contained an invalid length value in a Dwarf debug frame FDE header.
-It was checking for buffer overflow but not cases where the length was
-negative or caused pointer wrap-around.
-
-In addition to the additional validity check, this patch cleans up the
-multiple signed/unsigned conversions on the length field so that an
-unsigned representation is used consistently throughout.
-
-This patch fixes CVE-2017-9778 and PR gdb/21600.
-
-2019-04-25 Sandra Loosemore
- Kang Li
-
- PR gdb/21600
-
- * dwarf2-frame.c (read_initial_length): Be consistent about using
- unsigned representation of length.
- (decode_frame_entry_1): Likewise. Check for wraparound of
- end pointer as well as buffer overflow.
-
-Upstream-Status: Backport
-CVE: CVE-2017-9778
-Signed-off-by: Anuj Mittal
- gdb/ChangeLog | 10 ++
- gdb/dwarf2-frame.c | 14 +++---
- 2 files changed, 17 insertions(+), 7 deletions(-)
-
-diff --git a/gdb/ChangeLog b/gdb/ChangeLog
-index 1c125de..d028d2b 100644
a/gdb/ChangeLog
-+++ b/gdb/ChangeLog
-@@ -1,3 +1,13 @@
-+2019-04-25 Sandra Loosemore
-+ Kang Li
-+
-+ PR gdb/21600
-+
-+ * dwarf2-frame.c (read_initial_length): Be consistent about using
-+ unsigned representation of length.
-+ (decode_frame_entry_1): Likewise. Check for wraparound of
-+ end pointer as well as buffer overflow.
-+
- 2019-05-11 Joel Brobecker
-
- * version.in: Set GDB version number to 8.3.
-diff --git a/gdb/dwarf2-frame.c b/gdb/dwarf2-frame.c
-index 178ac44..dc5d3b3 100644
a/gdb/dwarf2-frame.c
-+++ b/gdb/dwarf2-frame.c
-@@ -1488,7 +1488,7 @@ static ULONGEST
- read_initial_length (bfd *abfd, const gdb_byte *buf,
-unsigned int *bytes_read_ptr)
- {
-- LONGEST result;
-+ ULONGEST result;
-
- result = bfd_get_32 (abfd, buf);
- if (result == 0x)
-@@ -1789,7 +1789,7 @@ decode_frame_entry_1 (struct comp_unit *unit, const
gdb_byte *start,
- {
- struct gdbarch *gdbarch = get_objfile_arch (unit->objfile);
- const gdb_byte *buf, *end;
-- LONGEST length;
-+ ULONGEST length;
- unsigned int bytes_read;
- int dwarf64_p;
- ULONGEST cie_id;
-@@ -1800,15 +1800,15 @@ decode_frame_entry_1 (struct comp_uni
