From f71cbad5014c6d8ddc4f0f6d5c5204ba5d335d53 Mon Sep 17 00:00:00 2001
From: Linux_zhang <zhangruifang1@h-partners.com>
Date: Thu, 22 May 2025 14:33:13 +0800
Subject: [PATCH] Fix CVE-2025-3198: Memory leak issue in objdump

---
 backport-CVE-2025-3198.patch | 26 ++++++++++++++++++++++++++
 binutils.spec                |  8 +++++++-
 2 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2025-3198.patch

diff --git a/backport-CVE-2025-3198.patch b/backport-CVE-2025-3198.patch
new file mode 100644
index 0000000..1125eb9
--- /dev/null
+++ b/backport-CVE-2025-3198.patch
@@ -0,0 +1,26 @@
+From ba6ad3a18cb26b79e0e3b84c39f707535bbc344d Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Wed, 19 Feb 2025 07:58:54 +1030
+Subject: [PATCH] PR32716, objdump -i memory leak
+
+	PR binutils/32716
+	* bucomm.c (display_info): Free arg.info.
+---
+ binutils/bucomm.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/binutils/bucomm.c b/binutils/bucomm.c
+index ccf54099154..d4554737db1 100644
+--- a/binutils/bucomm.c
++++ b/binutils/bucomm.c
+@@ -435,6 +435,7 @@ display_info (void)
+   if (!arg.error)
+     display_target_tables (&arg);
+ 
++  free (arg.info);
+   return arg.error;
+ }
+ 
+-- 
+2.43.5
+
diff --git a/binutils.spec b/binutils.spec
index b323086..0659914 100644
--- a/binutils.spec
+++ b/binutils.spec
@@ -2,7 +2,7 @@
 Summary: A GNU collection of binary utilities
 Name: binutils%{?_with_debug:-debug}
 Version: 2.41
-Release: 11
+Release: 12
 License: GPL-3.0-or-later AND (GPL-3.0-or-later WITH Bison-exception-2.2) AND (LGPL-2.0-or-later WITH GCC-exception-2.0) AND BSD-3-Clause AND GFDL-1.3-or-later AND GPL-2.0-or-later AND LGPL-2.1-or-later AND LGPL-2.0-or-later
 URL: https://sourceware.org/binutils
 
@@ -242,6 +242,9 @@ Patch5010: nm-Avoid-potential-segmentation-fault-when-displaying.patch
 # Lifetime: Fixed in 2.44
 Patch5011: backport-CVE-2025-0840.patch
 
+# Purpose: PR32716, objdump -i memory leak
+# Lifetime: fixed in master
+Patch5012: backport-CVE-2025-3198.patch
 #----------------------------------------------------------------------------
 
 Provides: bundled(libiberty)
@@ -1256,6 +1259,9 @@ exit 0
 
 #----------------------------------------------------------------------------
 %changelog
+* Thu May 22 2025 Linux_zhang <zhangruifang@h-partners.com> - 2.41-12
+- Fix CVE-2025-3198: Memory leak issue in objdump
+
 * Sat Jan 25 2025 Funda Wang <fundawang@yeah.net> - 2.41-11
 - Fix CVE-2024-57360: nm: Avoid potential segmentation fault when displaying
   symbols without version info.
-- 
Gitee