diff --git a/BFD-Exclude-sections-with-no-content-from-compress-c.patch b/BFD-Exclude-sections-with-no-content-from-compress-c.patch deleted file mode 100644 index ffe355dff781718e27f38fc16264255c1e18d463..0000000000000000000000000000000000000000 --- a/BFD-Exclude-sections-with-no-content-from-compress-c.patch +++ /dev/null @@ -1,82 +0,0 @@ -From 9f57ab49b32bc14c0ff3834876a185af0a4c6e6b Mon Sep 17 00:00:00 2001 -From: Tamar Christina -Date: Tue, 21 Apr 2020 15:16:21 +0100 -Subject: [PATCH] BFD: Exclude sections with no content from compress check. - -The check in bfd_get_full_section_contents is trying to check that we don't -allocate more space for a section than the size of the section is on disk. - -Previously we excluded linker created sections since they didn't have a size on -disk. However we also need to exclude sections with no content as well such as -the BSS section. Space for these would not have been allocated by the assembler -and so the check would incorrectly fail. - -bfd/ChangeLog: - - PR binutils/24753 - * compress.c (bfd_get_full_section_contents): Exclude sections with no - content. - -gas/ChangeLog: - - PR binutils/24753 - * testsuite/gas/arm/pr24753.d: New test. - * testsuite/gas/arm/pr24753.s: New test. - -(cherry picked from commit c36876fe5b5bac1c404ab2ca82bfbfb2ed9a2717) ---- - bfd/compress.c | 3 +++ - gas/testsuite/gas/arm/pr24753.d | 7 +++++++ - gas/testsuite/gas/arm/pr24753.s | 12 ++++++++++++ - 3 files changed, 24 insertions(+) - create mode 100644 gas/testsuite/gas/arm/pr24753.d - create mode 100644 gas/testsuite/gas/arm/pr24753.s - -diff --git a/bfd/compress.c b/bfd/compress.c -index ce6bb2b..728ba39 100644 ---- a/bfd/compress.c -+++ b/bfd/compress.c -@@ -255,6 +255,9 @@ bfd_get_full_section_contents (bfd *abfd, sec_ptr sec, bfd_byte **ptr) - /* PR 24753: Linker created sections can be larger than - the file size, eg if they are being used to hold stubs. */ - && (bfd_section_flags (sec) & SEC_LINKER_CREATED) == 0 -+ /* PR 24753: Sections which have no content should also be -+ excluded as they contain no size on disk. */ -+ && (bfd_section_flags (sec) & SEC_HAS_CONTENTS) != 0 - /* The MMO file format supports its own special compression - technique, but it uses COMPRESS_SECTION_NONE when loading - a section's contents. */ -diff --git a/gas/testsuite/gas/arm/pr24753.d b/gas/testsuite/gas/arm/pr24753.d -new file mode 100644 -index 0000000..01990d1 ---- /dev/null -+++ b/gas/testsuite/gas/arm/pr24753.d -@@ -0,0 +1,7 @@ -+#skip: *-*-pe *-*-wince *-*-vxworks -+#objdump: -d -+#name: PR24753: Don't error on sections with no content size mismatch with file -+ -+.*: +file format .*arm.* -+ -+#... -diff --git a/gas/testsuite/gas/arm/pr24753.s b/gas/testsuite/gas/arm/pr24753.s -new file mode 100644 -index 0000000..5ba33fd ---- /dev/null -+++ b/gas/testsuite/gas/arm/pr24753.s -@@ -0,0 +1,12 @@ -+.text -+.global _start -+_start: -+ nop -+ -+.section .text2, "ax", %progbits -+_func: -+ nop -+ -+.bss -+.fill 0x8000 -+ --- -1.8.3.1 - diff --git a/Import-a-fix-from-the-mainline-sources-that-prevents.patch b/Import-a-fix-from-the-mainline-sources-that-prevents.patch deleted file mode 100644 index 19aa846d94c8f12751d6b1c088b12d8156307934..0000000000000000000000000000000000000000 --- a/Import-a-fix-from-the-mainline-sources-that-prevents.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 82f439d028c65663a0baf0a17ef5c4a2ea5c84a7 Mon Sep 17 00:00:00 2001 -From: Nick Clifton -Date: Tue, 11 Feb 2020 15:55:25 +0000 -Subject: [PATCH] Import a fix from the mainline sources that prevents a - potential illegal memory access when parsing PE binaries. - - PR 25447 - * coffgen.c (_bfd_coff_close_and_cleanup): Do not clear the keep - syms and keep strings flags as these may have been set in order to - prevent a bogus call to free. ---- - bfd/coffgen.c | 6 ++++-- - 1 files changed, 4 insertions(+), 2 deletions(-) - -diff --git a/bfd/coffgen.c b/bfd/coffgen.c -index 2bfcf1a..3ddd2d8 100644 ---- a/bfd/coffgen.c -+++ b/bfd/coffgen.c -@@ -3175,8 +3175,10 @@ _bfd_coff_close_and_cleanup (bfd *abfd) - && bfd_family_coff (abfd) - && coff_data (abfd) != NULL) - { -- obj_coff_keep_syms (abfd) = FALSE; -- obj_coff_keep_strings (abfd) = FALSE; -+ /* PR 25447: -+ Do not clear the keep_syms and keep_strings flags. -+ These may have been set by pe_ILF_build_a_bfd() indicating -+ that the syms and strings pointers are not to be freed. */ - if (!_bfd_coff_free_symbols (abfd)) - return FALSE; - } --- -1.8.3.1 - diff --git a/NDS32-disassembly-of-odd-sized-sections.patch b/NDS32-disassembly-of-odd-sized-sections.patch deleted file mode 100644 index 1da0cac5ad95d856de0165b178bef7a64e461903..0000000000000000000000000000000000000000 --- a/NDS32-disassembly-of-odd-sized-sections.patch +++ /dev/null @@ -1,87 +0,0 @@ -From fe90ae8a9f54e4fe8b9089fed48b0e1818414f57 Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Fri, 20 Mar 2020 10:51:14 +1030 -Subject: [PATCH] NDS32 disassembly of odd sized sections - - * nds32-dis.c (print_insn_nds32): Remove unnecessary casts. - Initialize parts of buffer not written when handling a possible - 2-byte insn at end of section. Don't attempt decoding of such - an insn by the 4-byte machinery. ---- - opcodes/nds32-dis.c | 24 +++++++++++++++--------- - 1 files changed, 15 insertions(+), 9 deletions(-) - -diff --git a/opcodes/nds32-dis.c b/opcodes/nds32-dis.c -index c5874ff..35e4ba0 100644 ---- a/opcodes/nds32-dis.c -+++ b/opcodes/nds32-dis.c -@@ -985,7 +985,7 @@ print_insn_nds32 (bfd_vma pc, disassemble_info *info) - int is_data = FALSE; - bfd_boolean found = FALSE; - struct nds32_private_data *private_data; -- unsigned int size = 16; -+ unsigned int size; - enum map_type mapping_type = MAP_CODE; - - if (info->private_data == NULL) -@@ -1063,6 +1063,7 @@ print_insn_nds32 (bfd_vma pc, disassemble_info *info) - - /* Fix corner case: there is no next mapping symbol, - let mapping type decides size */ -+ size = 16; - if (last_symbol_index + 1 >= info->symtab_size) - { - if (mapping_type == MAP_DATA0) -@@ -1096,7 +1097,7 @@ print_insn_nds32 (bfd_vma pc, disassemble_info *info) - size = (pc & 1) ? 1 : 2; - - /* Read bytes from BFD. */ -- info->read_memory_func (pc, (bfd_byte *) buf_data, size, info); -+ info->read_memory_func (pc, buf_data, size, info); - given = 0; - given1 = 0; - /* Start assembling data. */ -@@ -1153,16 +1154,20 @@ print_insn_nds32 (bfd_vma pc, disassemble_info *info) - return size; - } - -- status = info->read_memory_func (pc, (bfd_byte *) buf, 4, info); -+ size = 4; -+ status = info->read_memory_func (pc, buf, 4, info); - if (status) - { - /* For the last 16-bit instruction. */ -- status = info->read_memory_func (pc, (bfd_byte *) buf, 2, info); -+ size = 2; -+ status = info->read_memory_func (pc, buf, 2, info); - if (status) - { -- (*info->memory_error_func)(status, pc, info); -+ (*info->memory_error_func) (status, pc, info); - return -1; - } -+ buf[2] = 0; -+ buf[3] = 0; - } - - insn = bfd_getb32 (buf); -@@ -1174,11 +1179,12 @@ print_insn_nds32 (bfd_vma pc, disassemble_info *info) - } - - /* 32-bit instructions. */ -+ if (size == 4) -+ print_insn32 (pc, info, insn, NDS32_PARSE_INSN32); - else -- { -- print_insn32 (pc, info, insn, NDS32_PARSE_INSN32); -- return 4; -- } -+ info->fprintf_func (info->stream, -+ _("insufficient data to decode instruction")); -+ return 4; - } - - /* Ignore disassembling unnecessary name. */ --- -1.8.3.1 - diff --git a/PR25585-PHDR-segment-not-covered-by-LOAD-segment.patch b/PR25585-PHDR-segment-not-covered-by-LOAD-segment.patch deleted file mode 100644 index 7040c21255788aa7d083e0da0a7a92a27e5a0647..0000000000000000000000000000000000000000 --- a/PR25585-PHDR-segment-not-covered-by-LOAD-segment.patch +++ /dev/null @@ -1,43 +0,0 @@ -From acc4a8b8ac83077819948126bc7501d35eb1ea74 Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Sat, 22 Feb 2020 12:46:33 +1030 -Subject: [PATCH] PR25585, PHDR segment not covered by LOAD segment - -I closed this bug as invalid, but I think it is worth mentioning in NEWS -that older linkers didn't check PT_PHDR very well. The patch also allows -people to force an output file with --noinhibit-exec after the error. - -bfd/ - PR 25585 - * elf.c (assign_file_positions_for_load_sections): Continue linking - on "PHDR segment not covered by LOAD segment" errors. -ld/ - PR 25585 - * NEWS: Mention better "PHDR segment not covered by LOAD segment" - checking. - -(cherry picked from commit 7b3c27152b5695177a2cd5adc0d7b0255f99aca0) ---- - bfd/elf.c | 6 +++++- - 1 files changed, 5 insertions(+), 1 deletion(-) - -diff --git a/bfd/elf.c b/bfd/elf.c -index a8d98a6..f02b724 100644 ---- a/bfd/elf.c -+++ b/bfd/elf.c -@@ -5934,7 +5934,11 @@ assign_file_positions_for_load_sections (bfd *abfd, - _bfd_error_handler (_("%pB: error: PHDR segment not covered" - " by LOAD segment"), - abfd); -- return FALSE; -+ if (link_info == NULL) -+ return FALSE; -+ /* Arrange for the linker to exit with an error, deleting -+ the output file unless --noinhibit-exec is given. */ -+ link_info->callbacks->info ("%X"); - } - - /* Check that all sections are in a PT_LOAD segment. --- -1.8.3.1 - diff --git a/PR25745-powerpc64-ld-overflows-string-buffer-in-stat.patch b/PR25745-powerpc64-ld-overflows-string-buffer-in-stat.patch deleted file mode 100644 index 941aaf5a5f06b493db0a39dd9cfd88a77379fa7d..0000000000000000000000000000000000000000 --- a/PR25745-powerpc64-ld-overflows-string-buffer-in-stat.patch +++ /dev/null @@ -1,104 +0,0 @@ -From f7aec2b8e09768f284085259e08bfc1f61a0ae27 Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Mon, 30 Mar 2020 09:28:02 +1030 -Subject: [PATCH] PR25745, powerpc64-ld overflows string buffer in --stats mode - - PR 25745 - * elf64-ppc.c (ppc64_elf_build_stubs): Use asprintf to form - statistics message. - -(cherry picked from commit 988b7300bc990abafd982bdcd217c58bc1e0679a) ---- - bfd/elf64-ppc.c | 76 ++++++++++++++++++++++++++++++--------------------------- - 1 files changed, 40 insertions(+), 36 deletions(-) - -diff --git a/bfd/elf64-ppc.c b/bfd/elf64-ppc.c -index bea722c..47ff648 100644 ---- a/bfd/elf64-ppc.c -+++ b/bfd/elf64-ppc.c -@@ -14116,42 +14116,46 @@ ppc64_elf_build_stubs (struct bfd_link_info *info, - - if (stats != NULL) - { -- size_t len; -- *stats = bfd_malloc (500); -- if (*stats == NULL) -- return FALSE; -- -- len = sprintf (*stats, -- ngettext ("linker stubs in %u group\n", -- "linker stubs in %u groups\n", -- stub_sec_count), -- stub_sec_count); -- sprintf (*stats + len, _(" branch %lu\n" -- " branch toc adj %lu\n" -- " branch notoc %lu\n" -- " branch both %lu\n" -- " long branch %lu\n" -- " long toc adj %lu\n" -- " long notoc %lu\n" -- " long both %lu\n" -- " plt call %lu\n" -- " plt call save %lu\n" -- " plt call notoc %lu\n" -- " plt call both %lu\n" -- " global entry %lu"), -- htab->stub_count[ppc_stub_long_branch - 1], -- htab->stub_count[ppc_stub_long_branch_r2off - 1], -- htab->stub_count[ppc_stub_long_branch_notoc - 1], -- htab->stub_count[ppc_stub_long_branch_both - 1], -- htab->stub_count[ppc_stub_plt_branch - 1], -- htab->stub_count[ppc_stub_plt_branch_r2off - 1], -- htab->stub_count[ppc_stub_plt_branch_notoc - 1], -- htab->stub_count[ppc_stub_plt_branch_both - 1], -- htab->stub_count[ppc_stub_plt_call - 1], -- htab->stub_count[ppc_stub_plt_call_r2save - 1], -- htab->stub_count[ppc_stub_plt_call_notoc - 1], -- htab->stub_count[ppc_stub_plt_call_both - 1], -- htab->stub_count[ppc_stub_global_entry - 1]); -+ char *groupmsg; -+ if (asprintf (&groupmsg, -+ ngettext ("linker stubs in %u group\n", -+ "linker stubs in %u groups\n", -+ stub_sec_count), -+ stub_sec_count) < 0) -+ *stats = NULL; -+ else -+ { -+ if (asprintf (stats, _("%s" -+ " branch %lu\n" -+ " branch toc adj %lu\n" -+ " branch notoc %lu\n" -+ " branch both %lu\n" -+ " long branch %lu\n" -+ " long toc adj %lu\n" -+ " long notoc %lu\n" -+ " long both %lu\n" -+ " plt call %lu\n" -+ " plt call save %lu\n" -+ " plt call notoc %lu\n" -+ " plt call both %lu\n" -+ " global entry %lu"), -+ groupmsg, -+ htab->stub_count[ppc_stub_long_branch - 1], -+ htab->stub_count[ppc_stub_long_branch_r2off - 1], -+ htab->stub_count[ppc_stub_long_branch_notoc - 1], -+ htab->stub_count[ppc_stub_long_branch_both - 1], -+ htab->stub_count[ppc_stub_plt_branch - 1], -+ htab->stub_count[ppc_stub_plt_branch_r2off - 1], -+ htab->stub_count[ppc_stub_plt_branch_notoc - 1], -+ htab->stub_count[ppc_stub_plt_branch_both - 1], -+ htab->stub_count[ppc_stub_plt_call - 1], -+ htab->stub_count[ppc_stub_plt_call_r2save - 1], -+ htab->stub_count[ppc_stub_plt_call_notoc - 1], -+ htab->stub_count[ppc_stub_plt_call_both - 1], -+ htab->stub_count[ppc_stub_global_entry - 1]) < 0) -+ *stats = NULL; -+ free (groupmsg); -+ } - } - return TRUE; - } --- -1.8.3.1 - diff --git a/Re-PR24511-nm-should-not-mark-symbols-in-.init_array.patch b/Re-PR24511-nm-should-not-mark-symbols-in-.init_array.patch deleted file mode 100644 index 740ee35ff959d4a2882b5ce24bd3872cd1b1fbc8..0000000000000000000000000000000000000000 --- a/Re-PR24511-nm-should-not-mark-symbols-in-.init_array.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 40bfb9762747f8336b17c70a0173d10200fa62eb Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Thu, 27 Feb 2020 17:28:47 +1030 -Subject: [PATCH] Re: PR24511, nm should not mark symbols in .init_array as "t" - - PR 24511 - * syms.c (bfd_decode_symclass): Reverse order of coff_section_type - and decode_section_type calls. ---- - bfd/syms.c | 4 ++-- - 1 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/bfd/syms.c b/bfd/syms.c -index 128cf19..8a8b74f 100644 ---- a/bfd/syms.c -+++ b/bfd/syms.c -@@ -705,9 +705,9 @@ bfd_decode_symclass (asymbol *symbol) - c = 'a'; - else if (symbol->section) - { -- c = decode_section_type (symbol->section); -+ c = coff_section_type (symbol->section->name); - if (c == '?') -- c = coff_section_type (symbol->section->name); -+ c = decode_section_type (symbol->section); - } - else - return '?'; --- -1.8.3.1 - diff --git a/Re-asan-more-readelf-leaks.patch b/Re-asan-more-readelf-leaks.patch deleted file mode 100644 index dc11a72c4a78cec29f479e99dee6ee933b9babab..0000000000000000000000000000000000000000 --- a/Re-asan-more-readelf-leaks.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 1bd6175ae79099173c1510d209ad9978129e22c0 Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Sat, 14 Mar 2020 18:58:11 +1030 -Subject: [PATCH] Re: asan: more readelf leaks - -In git commit fd486f32d15e I put some static variables used by -get_symbol_for_build_attribute in a file scope ba_cache struct. This -was to prevent leaks in get_symbol_for_build_attribute, and to tidy up -before readelf exited. The patch wasn't quite right though. When -readelf processes more than one file it was possible to double free -arrays allocated in get_symbol_for_build_attribute. - - * readelf.c (process_file): Clean ba_cache. ---- - binutils/readelf.c | 2 ++ - 1 files changed, 2 insertions(+) - -diff --git a/binutils/readelf.c b/binutils/readelf.c -index 0f8a080..49eb20f 100644 ---- a/binutils/readelf.c -+++ b/binutils/readelf.c -@@ -20571,7 +20571,9 @@ process_file (char * file_name) - free (filedata); - - free (ba_cache.strtab); -+ ba_cache.strtab = NULL; - free (ba_cache.symtab); -+ ba_cache.symtab = NULL; - ba_cache.filedata = NULL; - - return ret; --- -1.8.3.1 - diff --git a/asan-more-readelf-leaks.patch b/asan-more-readelf-leaks.patch deleted file mode 100644 index 1f792fee5cdbb2a1ef43de4382f1be8305f7996f..0000000000000000000000000000000000000000 --- a/asan-more-readelf-leaks.patch +++ /dev/null @@ -1,481 +0,0 @@ -From fd486f32d15e3299b905084a697fac6349c43f76 Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Fri, 13 Mar 2020 13:21:15 +1030 -Subject: [PATCH] asan: more readelf leaks - - * elfcomm.c (get_archive_member_name): Always return malloc'd - string or NULL. - * elfedit.c (process_archive): Tidy memory on all return paths. - * readelf.c (process_archive): Likewise. - (process_symbol_table): Likewise. - (ba_cache): New, replacing .. - (get_symbol_for_build_attribute): ..static vars here. Free - strtab and symtab before loading new ones. Reject symtab without - valid strtab in loop, breaking out of loop on valid symtab. - (process_file): Free ba_cache symtab and strtab here, resetting - ba_cache. ---- - binutils/elfcomm.c | 8 +-- - binutils/elfedit.c | 9 ++++ - binutils/readelf.c | 152 +++++++++++++++++++++++++++++++++-------------------- - 3 files changed, 107 insertions(+), 62 deletions(-) - -diff --git a/binutils/elfcomm.c b/binutils/elfcomm.c -index 87a544b..3060ff1 100644 ---- a/binutils/elfcomm.c -+++ b/binutils/elfcomm.c -@@ -797,7 +797,7 @@ get_archive_member_name (struct archive_info *arch, - arch->longnames[j] = '\0'; - - if (!arch->is_thin_archive || arch->nested_member_origin == 0) -- return arch->longnames + k; -+ return xstrdup (arch->longnames + k); - - /* PR 17531: file: 2896dc8b. */ - if (k >= j) -@@ -813,7 +813,7 @@ get_archive_member_name (struct archive_info *arch, - if (member_file_name != NULL - && setup_nested_archive (nested_arch, member_file_name) == 0) - { -- member_name = get_archive_member_name_at (nested_arch, -+ member_name = get_archive_member_name_at (nested_arch, - arch->nested_member_origin, - NULL); - if (member_name != NULL) -@@ -825,7 +825,7 @@ get_archive_member_name (struct archive_info *arch, - free (member_file_name); - - /* Last resort: just return the name of the nested archive. */ -- return arch->longnames + k; -+ return xstrdup (arch->longnames + k); - } - - /* We have a normal (short) name. */ -@@ -833,7 +833,7 @@ get_archive_member_name (struct archive_info *arch, - if (arch->arhdr.ar_name[j] == '/') - { - arch->arhdr.ar_name[j] = '\0'; -- return arch->arhdr.ar_name; -+ return xstrdup (arch->arhdr.ar_name); - } - - /* The full ar_name field is used. Don't rely on ar_date starting -diff --git a/binutils/elfedit.c b/binutils/elfedit.c -index e94b677..3a14c60 100644 ---- a/binutils/elfedit.c -+++ b/binutils/elfedit.c -@@ -616,6 +616,7 @@ process_archive (const char * file_name, FILE * file, - if (qualified_name == NULL) - { - error (_("%s: bad archive file name\n"), file_name); -+ free (name); - ret = 1; - break; - } -@@ -626,8 +627,10 @@ process_archive (const char * file_name, FILE * file, - FILE *member_file; - char *member_file_name = adjust_relative_path (file_name, - name, namelen); -+ free (name); - if (member_file_name == NULL) - { -+ free (qualified_name); - ret = 1; - break; - } -@@ -638,6 +641,7 @@ process_archive (const char * file_name, FILE * file, - error (_("Input file '%s' is not readable\n"), - member_file_name); - free (member_file_name); -+ free (qualified_name); - ret = 1; - break; - } -@@ -648,9 +652,12 @@ process_archive (const char * file_name, FILE * file, - - fclose (member_file); - free (member_file_name); -+ free (qualified_name); - } - else if (is_thin_archive) - { -+ free (name); -+ - /* This is a proxy for a member of a nested archive. */ - archive_file_offset = arch.nested_member_origin + sizeof arch.arhdr; - -@@ -661,6 +668,7 @@ process_archive (const char * file_name, FILE * file, - { - error (_("%s: failed to seek to archive member\n"), - nested_arch.file_name); -+ free (qualified_name); - ret = 1; - break; - } -@@ -669,6 +677,7 @@ process_archive (const char * file_name, FILE * file, - } - else - { -+ free (name); - archive_file_offset = arch.next_arhdr_offset; - arch.next_arhdr_offset += archive_file_size; - -diff --git a/binutils/readelf.c b/binutils/readelf.c -index d009b91..4e21bdb 100644 ---- a/binutils/readelf.c -+++ b/binutils/readelf.c -@@ -11766,17 +11766,17 @@ process_symbol_table (Filedata * filedata) - buckets = get_dynamic_data (filedata, nbuckets, hash_ent_size); - chains = get_dynamic_data (filedata, nchains, hash_ent_size); - -- no_hash: - if (buckets == NULL || chains == NULL) - { -- if (do_using_dynamic) -- return FALSE; -+ no_hash: - free (buckets); - free (chains); - buckets = NULL; - chains = NULL; - nbuckets = 0; - nchains = 0; -+ if (do_using_dynamic) -+ goto err_out; - } - } - -@@ -11833,7 +11833,7 @@ process_symbol_table (Filedata * filedata) - if (gnubuckets[i] != 0) - { - if (gnubuckets[i] < gnusymidx) -- return FALSE; -+ goto err_out; - - if (maxchain == 0xffffffff || gnubuckets[i] > maxchain) - maxchain = gnubuckets[i]; -@@ -11898,21 +11898,17 @@ process_symbol_table (Filedata * filedata) - } - - mipsxlat = get_dynamic_data (filedata, maxchain, 4); -- } -- -- no_gnu_hash: -- if (dynamic_info_DT_MIPS_XHASH && mipsxlat == NULL) -- { -- free (gnuchains); -- gnuchains = NULL; -- } -- if (gnuchains == NULL) -- { -- free (gnubuckets); -- gnubuckets = NULL; -- ngnubuckets = 0; -- if (do_using_dynamic) -- return FALSE; -+ if (mipsxlat == NULL) -+ { -+ no_gnu_hash: -+ free (gnuchains); -+ gnuchains = NULL; -+ free (gnubuckets); -+ gnubuckets = NULL; -+ ngnubuckets = 0; -+ if (do_using_dynamic) -+ goto err_out; -+ } - } - } - -@@ -12129,7 +12125,7 @@ process_symbol_table (Filedata * filedata) - if (lengths == NULL) - { - error (_("Out of memory allocating space for histogram buckets\n")); -- return FALSE; -+ goto err_out; - } - visited = xcmalloc (nchains, 1); - memset (visited, 0, nchains); -@@ -12157,7 +12153,7 @@ process_symbol_table (Filedata * filedata) - { - free (lengths); - error (_("Out of memory allocating space for histogram counts\n")); -- return FALSE; -+ goto err_out; - } - - for (hn = 0; hn < nbuckets; ++hn) -@@ -12181,11 +12177,10 @@ process_symbol_table (Filedata * filedata) - free (lengths); - } - -- if (buckets != NULL) -- { -- free (buckets); -- free (chains); -- } -+ free (buckets); -+ buckets = NULL; -+ free (chains); -+ chains = NULL; - - if (do_histogram && gnubuckets != NULL) - { -@@ -12208,7 +12203,7 @@ process_symbol_table (Filedata * filedata) - if (lengths == NULL) - { - error (_("Out of memory allocating space for gnu histogram buckets\n")); -- return FALSE; -+ goto err_out; - } - - printf (_(" Length Number %% of total Coverage\n")); -@@ -12234,7 +12229,7 @@ process_symbol_table (Filedata * filedata) - { - free (lengths); - error (_("Out of memory allocating space for gnu histogram counts\n")); -- return FALSE; -+ goto err_out; - } - - for (hn = 0; hn < ngnubuckets; ++hn) -@@ -12256,12 +12251,19 @@ process_symbol_table (Filedata * filedata) - - free (counts); - free (lengths); -- free (gnubuckets); -- free (gnuchains); -- free (mipsxlat); - } -- -+ free (gnubuckets); -+ free (gnuchains); -+ free (mipsxlat); - return TRUE; -+ -+ err_out: -+ free (gnubuckets); -+ free (gnuchains); -+ free (mipsxlat); -+ free (buckets); -+ free (chains); -+ return FALSE; - } - - static bfd_boolean -@@ -18773,6 +18775,14 @@ print_ia64_vms_note (Elf_Internal_Note * pnote) - return FALSE; - } - -+struct build_attr_cache { -+ Filedata *filedata; -+ char *strtab; -+ unsigned long strtablen; -+ Elf_Internal_Sym *symtab; -+ unsigned long nsyms; -+} ba_cache; -+ - /* Find the symbol associated with a build attribute that is attached - to address OFFSET. If PNAME is non-NULL then store the name of - the symbol (if found) in the provided pointer, Returns NULL if a -@@ -18784,19 +18794,19 @@ get_symbol_for_build_attribute (Filedata * filedata, - bfd_boolean is_open_attr, - const char ** pname) - { -- static Filedata * saved_filedata = NULL; -- static char * strtab; -- static unsigned long strtablen; -- static Elf_Internal_Sym * symtab; -- static unsigned long nsyms; -- Elf_Internal_Sym * saved_sym = NULL; -- Elf_Internal_Sym * sym; -+ Elf_Internal_Sym *saved_sym = NULL; -+ Elf_Internal_Sym *sym; - - if (filedata->section_headers != NULL -- && (saved_filedata == NULL || filedata != saved_filedata)) -+ && (ba_cache.filedata == NULL || filedata != ba_cache.filedata)) - { - Elf_Internal_Shdr * symsec; - -+ free (ba_cache.strtab); -+ ba_cache.strtab = NULL; -+ free (ba_cache.symtab); -+ ba_cache.symtab = NULL; -+ - /* Load the symbol and string sections. */ - for (symsec = filedata->section_headers; - symsec < filedata->section_headers + filedata->file_header.e_shnum; -@@ -18804,41 +18814,52 @@ get_symbol_for_build_attribute (Filedata * filedata, - { - if (symsec->sh_type == SHT_SYMTAB) - { -- symtab = GET_ELF_SYMBOLS (filedata, symsec, & nsyms); -+ ba_cache.symtab = GET_ELF_SYMBOLS (filedata, symsec, -+ &ba_cache.nsyms); - -- if (symsec->sh_link < filedata->file_header.e_shnum) -+ if (ba_cache.symtab != NULL -+ && symsec->sh_link < filedata->file_header.e_shnum) - { -- Elf_Internal_Shdr * strtab_sec = filedata->section_headers + symsec->sh_link; -- -- strtab = (char *) get_data (NULL, filedata, strtab_sec->sh_offset, -- 1, strtab_sec->sh_size, -- _("string table")); -- strtablen = strtab != NULL ? strtab_sec->sh_size : 0; -+ Elf_Internal_Shdr *strtab_sec -+ = filedata->section_headers + symsec->sh_link; -+ -+ ba_cache.strtab -+ = (char *) get_data (NULL, filedata, strtab_sec->sh_offset, -+ 1, strtab_sec->sh_size, -+ _("string table")); -+ ba_cache.strtablen = strtab_sec->sh_size; - } -+ if (ba_cache.strtab == NULL) -+ { -+ free (ba_cache.symtab); -+ ba_cache.symtab = NULL; -+ } -+ if (ba_cache.symtab != NULL) -+ break; - } - } -- saved_filedata = filedata; -+ ba_cache.filedata = filedata; - } - -- if (symtab == NULL || strtab == NULL) -+ if (ba_cache.symtab == NULL) - return NULL; - - /* Find a symbol whose value matches offset. */ -- for (sym = symtab; sym < symtab + nsyms; sym ++) -+ for (sym = ba_cache.symtab; sym < ba_cache.symtab + ba_cache.nsyms; sym ++) - if (sym->st_value == offset) - { -- if (sym->st_name >= strtablen) -+ if (sym->st_name >= ba_cache.strtablen) - /* Huh ? This should not happen. */ - continue; - -- if (strtab[sym->st_name] == 0) -+ if (ba_cache.strtab[sym->st_name] == 0) - continue; - - /* The AArch64 and ARM architectures define mapping symbols - (eg $d, $x, $t) which we want to ignore. */ -- if (strtab[sym->st_name] == '$' -- && strtab[sym->st_name + 1] != 0 -- && strtab[sym->st_name + 2] == 0) -+ if (ba_cache.strtab[sym->st_name] == '$' -+ && ba_cache.strtab[sym->st_name + 1] != 0 -+ && ba_cache.strtab[sym->st_name + 2] == 0) - continue; - - if (is_open_attr) -@@ -18855,7 +18876,7 @@ get_symbol_for_build_attribute (Filedata * filedata, - { - /* If the symbol has a size associated - with it then we can stop searching. */ -- sym = symtab + nsyms; -+ sym = ba_cache.symtab + ba_cache.nsyms; - } - continue; - -@@ -18895,7 +18916,7 @@ get_symbol_for_build_attribute (Filedata * filedata, - } - - if (saved_sym && pname) -- * pname = strtab + saved_sym->st_name; -+ * pname = ba_cache.strtab + saved_sym->st_name; - - return saved_sym; - } -@@ -20238,6 +20259,7 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - putchar ('\n'); - free (qualified_name); - } -+ free (member_name); - } - } - -@@ -20340,6 +20362,7 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - if (qualified_name == NULL) - { - error (_("%s: bad archive file name\n"), arch.file_name); -+ free (name); - ret = FALSE; - break; - } -@@ -20351,8 +20374,10 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - char * member_file_name = adjust_relative_path - (filedata->file_name, name, namelen); - -+ free (name); - if (member_file_name == NULL) - { -+ free (qualified_name); - ret = FALSE; - break; - } -@@ -20362,6 +20387,7 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - { - error (_("Input file '%s' is not readable.\n"), member_file_name); - free (member_file_name); -+ free (qualified_name); - ret = FALSE; - break; - } -@@ -20374,6 +20400,7 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - - close_file (member_filedata); - free (member_file_name); -+ free (qualified_name); - } - else if (is_thin_archive) - { -@@ -20386,9 +20413,12 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - { - error (_("%s: contains corrupt thin archive: %s\n"), - qualified_name, name); -+ free (qualified_name); -+ free (name); - ret = FALSE; - break; - } -+ free (name); - - /* This is a proxy for a member of a nested archive. */ - archive_file_offset = arch.nested_member_origin + sizeof arch.arhdr; -@@ -20398,6 +20428,7 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - if (fseek (nested_arch.file, archive_file_offset, SEEK_SET) != 0) - { - error (_("%s: failed to seek to archive member.\n"), nested_arch.file_name); -+ free (qualified_name); - ret = FALSE; - break; - } -@@ -20410,6 +20441,7 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - } - else - { -+ free (name); - archive_file_offset = arch.next_arhdr_offset; - arch.next_arhdr_offset += archive_file_size; - -@@ -20510,6 +20542,10 @@ process_file (char * file_name) - free (filedata->dump_sects); - free (filedata); - -+ free (ba_cache.strtab); -+ free (ba_cache.symtab); -+ ba_cache.filedata = NULL; -+ - return ret; - } - --- -1.8.3.1 - diff --git a/asan-readelf-leaks.patch b/asan-readelf-leaks.patch deleted file mode 100644 index ee86efe4d1a70386e5ccdc40ff7c52a6ed05c947..0000000000000000000000000000000000000000 --- a/asan-readelf-leaks.patch +++ /dev/null @@ -1,77 +0,0 @@ -From 8fb879cd16a3e3d1fe93e333c4c720fd33bcc416 Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Thu, 12 Mar 2020 16:48:07 +1030 -Subject: [PATCH] asan: readelf leaks - - * readelf.c (process_section_headers): Don't just set - filedata->section_headers NULL, free it first. Similarly for - dynamic_symbols, dynamic_strings, dynamic_syminfo and - symtab_shndx_list. Zero associated counts too. - (process_object): Free symtab_shndx_list. - (process_file): Free various allocated filedata tables. ---- - binutils/readelf.c | 24 +++++++++++++++++++++++- - 1 files changed, 23 insertions(+), 1 deletion(-) - -diff --git a/binutils/readelf.c b/binutils/readelf.c -index 260ea33..d009b91 100644 ---- a/binutils/readelf.c -+++ b/binutils/readelf.c -@@ -6117,6 +6117,7 @@ process_section_headers (Filedata * filedata) - Elf_Internal_Shdr * section; - unsigned int i; - -+ free (filedata->section_headers); - filedata->section_headers = NULL; - - if (filedata->file_header.e_shnum == 0) -@@ -6172,10 +6173,20 @@ process_section_headers (Filedata * filedata) - - /* Scan the sections for the dynamic symbol table - and dynamic string table and debug sections. */ -+ free (dynamic_symbols); - dynamic_symbols = NULL; -+ num_dynamic_syms = 0; -+ free (dynamic_strings); - dynamic_strings = NULL; -+ dynamic_strings_length = 0; -+ free (dynamic_syminfo); - dynamic_syminfo = NULL; -- symtab_shndx_list = NULL; -+ while (symtab_shndx_list != NULL) -+ { -+ elf_section_list *next = symtab_shndx_list->next; -+ free (symtab_shndx_list); -+ symtab_shndx_list = next; -+ } - - eh_addr_size = is_32bit_elf ? 4 : 8; - switch (filedata->file_header.e_machine) -@@ -20121,6 +20132,13 @@ process_object (Filedata * filedata) - dynamic_section = NULL; - } - -+ while (symtab_shndx_list != NULL) -+ { -+ elf_section_list *next = symtab_shndx_list->next; -+ free (symtab_shndx_list); -+ symtab_shndx_list = next; -+ } -+ - if (section_headers_groups) - { - free (section_headers_groups); -@@ -20486,6 +20504,10 @@ process_file (char * file_name) - } - - fclose (filedata->handle); -+ free (filedata->section_headers); -+ free (filedata->program_headers); -+ free (filedata->string_table); -+ free (filedata->dump_sects); - free (filedata); - - return ret; --- -1.8.3.1 - diff --git a/backport-0001-CVE-2021-20197.patch b/backport-0001-CVE-2021-20197.patch deleted file mode 100644 index e3a9dd4a165ddcc2ffc9376936bccea406621c83..0000000000000000000000000000000000000000 --- a/backport-0001-CVE-2021-20197.patch +++ /dev/null @@ -1,287 +0,0 @@ -From 365f5fb6d0f0da83817431a275e99e6f6babbe04 Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar -Date: Mon, 7 Dec 2020 20:48:23 +0530 -Subject: [PATCH] binutils: Use file descriptors from make_tempname - -The purpose of creating a temporary file securely using mkstemp is -defeated if it is closed in make_tempname and reopened later for use; -it is as good as using mktemp. Get the file descriptor instead and -then use it to create the BFD object. - -bfd/ - - * opncls.c (bfd_fdopenw): New function. - * bfd-in2.h: Regenerate. - -binutils/ - - * bucomm.c (make_tempname): Add argument to return file - descriptor. - * bucomm.h (make_tempname): Likewise. - * ar.c: Include libbfd.h. - (write_archive): Adjust for change in make_tempname. Call - bfd_fdopenw instead of bfd_openw. - * objcopy.c: Include libbfd.h. - (copy_file): New argument OFD. Use bfd_fdopenw instead of - bfd_openw. - (strip_main): Adjust for change in make_tempname and - copy_file. - (copy_main): Likewise. ---- - bfd/ChangeLog | 6 ++++++ - bfd/bfd-in2.h | 2 ++ - bfd/opncls.c | 33 +++++++++++++++++++++++++++++++++ - binutils/ChangeLog | 17 +++++++++++++++++ - binutils/ar.c | 11 ++++++++--- - binutils/bucomm.c | 4 ++-- - binutils/bucomm.h | 2 +- - binutils/objcopy.c | 30 ++++++++++++++++++++++-------- - 8 files changed, 91 insertions(+), 14 deletions(-) - -diff --git a/bfd/bfd-in2.h b/bfd/bfd-in2.h -index 935ba53..48e3d9b 100644 ---- a/bfd/bfd-in2.h -+++ b/bfd/bfd-in2.h -@@ -588,6 +588,8 @@ bfd *bfd_openr (const char *filename, const char *target); - - bfd *bfd_fdopenr (const char *filename, const char *target, int fd); - -+bfd *bfd_fdopenw (const char *filename, const char *target, int fd); -+ - bfd *bfd_openstreamr (const char * filename, const char * target, - void * stream); - -diff --git a/bfd/opncls.c b/bfd/opncls.c -index c2a1d2f..f7696b6 100644 ---- a/bfd/opncls.c -+++ b/bfd/opncls.c -@@ -395,6 +395,39 @@ bfd_fdopenr (const char *filename, const char *target, int fd) - - /* - FUNCTION -+ bfd_fdopenw -+ -+SYNOPSIS -+ bfd *bfd_fdopenw (const char *filename, const char *target, int fd); -+ -+DESCRIPTION -+ <> is exactly like <> with the exception that -+ the resulting BFD is suitable for output. -+*/ -+ -+bfd * -+bfd_fdopenw (const char *filename, const char *target, int fd) -+{ -+ bfd *out = bfd_fdopenr (filename, target, fd); -+ -+ if (out != NULL) -+ { -+ if (!bfd_write_p (out)) -+ { -+ close (fd); -+ _bfd_delete_bfd (out); -+ out = NULL; -+ bfd_set_error (bfd_error_invalid_operation); -+ } -+ else -+ out->direction = write_direction; -+ } -+ -+ return out; -+} -+ -+/* -+FUNCTION - bfd_openstreamr - - SYNOPSIS -diff --git a/binutils/ar.c b/binutils/ar.c -index 7d279d6..2253242 100644 ---- a/binutils/ar.c -+++ b/binutils/ar.c -@@ -25,6 +25,7 @@ - - #include "sysdep.h" - #include "bfd.h" -+#include "libbfd.h" - #include "libiberty.h" - #include "progress.h" - #include "getopt.h" -@@ -1252,20 +1253,24 @@ write_archive (bfd *iarch) - bfd *obfd; - char *old_name, *new_name; - bfd *contents_head = iarch->archive_next; -+ int ofd = -1; - - old_name = (char *) xmalloc (strlen (bfd_get_filename (iarch)) + 1); - strcpy (old_name, bfd_get_filename (iarch)); -- new_name = make_tempname (old_name); -+ new_name = make_tempname (old_name, &ofd); - - if (new_name == NULL) - bfd_fatal (_("could not create temporary file whilst writing archive")); - - output_filename = new_name; - -- obfd = bfd_openw (new_name, bfd_get_target (iarch)); -+ obfd = bfd_fdopenw (new_name, bfd_get_target (iarch), ofd); - - if (obfd == NULL) -- bfd_fatal (old_name); -+ { -+ close (ofd); -+ bfd_fatal (old_name); -+ } - - output_bfd = obfd; - -diff --git a/binutils/bucomm.c b/binutils/bucomm.c -index 9e6a028..5324420 100644 ---- a/binutils/bucomm.c -+++ b/binutils/bucomm.c -@@ -532,7 +532,7 @@ template_in_dir (const char *path) - as FILENAME. */ - - char * --make_tempname (const char *filename) -+make_tempname (const char *filename, int *ofd) - { - char *tmpname = template_in_dir (filename); - int fd; -@@ -550,7 +550,7 @@ make_tempname (const char *filename) - free (tmpname); - return NULL; - } -- close (fd); -+ *ofd = fd; - return tmpname; - } - -diff --git a/binutils/bucomm.h b/binutils/bucomm.h -index d831834..afb8e09 100644 ---- a/binutils/bucomm.h -+++ b/binutils/bucomm.h -@@ -51,7 +51,7 @@ int display_info (void); - - void print_arelt_descr (FILE *, bfd *, bfd_boolean, bfd_boolean); - --char *make_tempname (const char *); -+char *make_tempname (const char *, int *); - char *make_tempdir (const char *); - - bfd_vma parse_vma (const char *, const char *); -diff --git a/binutils/objcopy.c b/binutils/objcopy.c -index ca35df0..2eb083c 100644 ---- a/binutils/objcopy.c -+++ b/binutils/objcopy.c -@@ -20,6 +20,7 @@ - - #include "sysdep.h" - #include "bfd.h" -+#include "libbfd.h" - #include "progress.h" - #include "getopt.h" - #include "libiberty.h" -@@ -3727,7 +3728,7 @@ set_long_section_mode (bfd *output_bfd, bfd *input_bfd, enum long_section_name_h - /* The top-level control. */ - - static void --copy_file (const char *input_filename, const char *output_filename, -+copy_file (const char *input_filename, const char *output_filename, int ofd, - const char *input_target, const char *output_target, - const bfd_arch_info_type *input_arch) - { -@@ -3802,9 +3803,14 @@ copy_file (const char *input_filename, const char *output_filename, - else - force_output_target = TRUE; - -- obfd = bfd_openw (output_filename, output_target); -+ if (ofd >= 0) -+ obfd = bfd_fdopenw (output_filename, output_target, ofd); -+ else -+ obfd = bfd_openw (output_filename, output_target); -+ - if (obfd == NULL) - { -+ close (ofd); - bfd_nonfatal_message (output_filename, NULL, NULL, NULL); - status = 1; - return; -@@ -3832,13 +3838,19 @@ copy_file (const char *input_filename, const char *output_filename, - if (output_target == NULL) - output_target = bfd_get_target (ibfd); - -- obfd = bfd_openw (output_filename, output_target); -+ if (ofd >= 0) -+ obfd = bfd_fdopenw (output_filename, output_target, ofd); -+ else -+ obfd = bfd_openw (output_filename, output_target); -+ - if (obfd == NULL) - { -+ close (ofd); - bfd_nonfatal_message (output_filename, NULL, NULL, NULL); - status = 1; - return; - } -+ - /* This is a no-op on non-Coff targets. */ - set_long_section_mode (obfd, ibfd, long_section_names); - -@@ -4802,6 +4814,7 @@ strip_main (int argc, char *argv[]) - int hold_status = status; - struct stat statbuf; - char *tmpname; -+ int tmpfd = -1; - - if (get_file_size (argv[i]) < 1) - { -@@ -4816,7 +4829,7 @@ strip_main (int argc, char *argv[]) - - if (output_file == NULL - || filename_cmp (argv[i], output_file) == 0) -- tmpname = make_tempname (argv[i]); -+ tmpname = make_tempname (argv[i], &tmpfd); - else - tmpname = output_file; - -@@ -4829,7 +4842,7 @@ strip_main (int argc, char *argv[]) - } - - status = 0; -- copy_file (argv[i], tmpname, input_target, output_target, NULL); -+ copy_file (argv[i], tmpname, tmpfd, input_target, output_target, NULL); - if (status == 0) - { - if (preserve_dates) -@@ -5049,7 +5062,7 @@ copy_main (int argc, char *argv[]) - bfd_boolean formats_info = FALSE; - bfd_boolean use_globalize = FALSE; - bfd_boolean use_keep_global = FALSE; -- int c; -+ int c, tmpfd = -1; - struct stat statbuf; - const bfd_arch_info_type *input_arch = NULL; - -@@ -5895,7 +5908,7 @@ copy_main (int argc, char *argv[]) - are the same, then create a temp and rename the result into the input. */ - if (output_filename == NULL - || filename_cmp (input_filename, output_filename) == 0) -- tmpname = make_tempname (input_filename); -+ tmpname = make_tempname (input_filename, &tmpfd); - else - tmpname = output_filename; - -@@ -5903,7 +5916,8 @@ copy_main (int argc, char *argv[]) - fatal (_("warning: could not create temporary file whilst copying '%s', (error: %s)"), - input_filename, strerror (errno)); - -- copy_file (input_filename, tmpname, input_target, output_target, input_arch); -+ copy_file (input_filename, tmpname, tmpfd, input_target, output_target, -+ input_arch); - if (status == 0) - { - if (preserve_dates) --- -1.8.3.1 - diff --git a/backport-0002-CVE-2021-20197.patch b/backport-0002-CVE-2021-20197.patch deleted file mode 100644 index abea8f4028c2d590c4a5bbefa3f906bb7af52ebe..0000000000000000000000000000000000000000 --- a/backport-0002-CVE-2021-20197.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 1a1c3b4cc17687091cff5a368bd6f13742bcfdf8 Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar -Date: Mon, 7 Dec 2020 20:48:28 +0530 -Subject: [PATCH] objcopy: Get input file stat after BFD open - -Get file state from the descriptor opened by copy_file for the input -BFD. This ensures continuity in the view of the input file through -the descriptor. At the moment it is only to preserve timestamps -recorded at the point that we opened the file for input but in the -next patch this state will also be used to preserve ownership and -permissions wherever applicable. - -binutils/ - - * objcopy.c (copy_file): New argument IN_STAT. Return stat of - ibfd through it. - (strip_main): Remove redundant stat calls. adjust copy_file - calls. - (copy_main): Likewise. ---- - binutils/ChangeLog | 9 +++++++++ - binutils/objcopy.c | 23 +++++++---------------- - 2 files changed, 16 insertions(+), 16 deletions(-) - -diff --git a/binutils/objcopy.c b/binutils/objcopy.c -index 2eb083c..b6cf6ea 100644 ---- a/binutils/objcopy.c -+++ b/binutils/objcopy.c -@@ -3729,8 +3729,8 @@ set_long_section_mode (bfd *output_bfd, bfd *input_bfd, enum long_section_name_h - - static void - copy_file (const char *input_filename, const char *output_filename, int ofd, -- const char *input_target, const char *output_target, -- const bfd_arch_info_type *input_arch) -+ struct stat *in_stat, const char *input_target, -+ const char *output_target, const bfd_arch_info_type *input_arch) - { - bfd *ibfd; - char **obj_matching; -@@ -3749,7 +3749,7 @@ copy_file (const char *input_filename, const char *output_filename, int ofd, - /* To allow us to do "strip *" without dying on the first - non-object file, failures are nonfatal. */ - ibfd = bfd_openr (input_filename, input_target); -- if (ibfd == NULL) -+ if (ibfd == NULL || fstat (fileno (ibfd->iostream), in_stat) != 0) - { - bfd_nonfatal_message (input_filename, NULL, NULL, NULL); - status = 1; -@@ -4822,11 +4822,6 @@ strip_main (int argc, char *argv[]) - continue; - } - -- if (preserve_dates) -- /* No need to check the return value of stat(). -- It has already been checked in get_file_size(). */ -- stat (argv[i], &statbuf); -- - if (output_file == NULL - || filename_cmp (argv[i], output_file) == 0) - tmpname = make_tempname (argv[i], &tmpfd); -@@ -4842,7 +4837,8 @@ strip_main (int argc, char *argv[]) - } - - status = 0; -- copy_file (argv[i], tmpname, tmpfd, input_target, output_target, NULL); -+ copy_file (argv[i], tmpname, tmpfd, &statbuf, input_target, -+ output_target, NULL); - if (status == 0) - { - if (preserve_dates) -@@ -5899,11 +5895,6 @@ copy_main (int argc, char *argv[]) - convert_efi_target (efi); - } - -- if (preserve_dates) -- if (stat (input_filename, & statbuf) < 0) -- fatal (_("warning: could not locate '%s'. System error message: %s"), -- input_filename, strerror (errno)); -- - /* If there is no destination file, or the source and destination files - are the same, then create a temp and rename the result into the input. */ - if (output_filename == NULL -@@ -5916,8 +5907,8 @@ copy_main (int argc, char *argv[]) - fatal (_("warning: could not create temporary file whilst copying '%s', (error: %s)"), - input_filename, strerror (errno)); - -- copy_file (input_filename, tmpname, tmpfd, input_target, output_target, -- input_arch); -+ copy_file (input_filename, tmpname, tmpfd, &statbuf, input_target, -+ output_target, input_arch); - if (status == 0) - { - if (preserve_dates) --- -1.8.3.1 - diff --git a/backport-CVE-2020-0551-i386-Generate-lfence.patch b/backport-CVE-2020-0551-i386-Generate-lfence.patch deleted file mode 100644 index dd59d6bb09ebed63532fc7e44c91785de5ac3fd4..0000000000000000000000000000000000000000 --- a/backport-CVE-2020-0551-i386-Generate-lfence.patch +++ /dev/null @@ -1,547 +0,0 @@ -From ae531041c7c5956672342f89c486a011c84f027f Mon Sep 17 00:00:00 2001 -From: "H.J. Lu" -Date: Wed, 11 Mar 2020 09:46:19 -0700 -Subject: [PATCH] i386: Generate lfence with load/indirect branch/ret - [CVE-2020-0551] - -Add 3 command-line options to generate lfence for load, indirect near -branch and ret to help mitigate: - -https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html -http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0551 - -1. -mlfence-after-load=[no|yes]: - -mlfence-after-load=yes generates lfence after load instructions. -2. -mlfence-before-indirect-branch=[none|all|memory|register]: - a. -mlfence-before-indirect-branch=all generates lfence before indirect - near branches via register and a warning before indirect near branches - via memory. - b. -mlfence-before-indirect-branch=memory issue a warning before - indirect near branches via memory. - c. -mlfence-before-indirect-branch=register generates lfence before - indirect near branches via register. -Note that lfence won't be generated before indirect near branches via -register with -mlfence-after-load=yes since lfence will be generated -after loading branch target register. -3. -mlfence-before-ret=[none|or|not] - a. -mlfence-before-ret=or generates or with lfence before ret. - b. -mlfence-before-ret=not generates not with lfence before ret. - -A warning will be issued and lfence won't be generated before indirect -near branch and ret if the previous item is a prefix or a constant -directive, which may be used to hardcode an instruction, since there -is no clear instruction boundary. - - * config/tc-i386.c (lfence_after_load): New. - (lfence_before_indirect_branch_kind): New. - (lfence_before_indirect_branch): New. - (lfence_before_ret_kind): New. - (lfence_before_ret): New. - (last_insn): New. - (load_insn_p): New. - (insert_lfence_after): New. - (insert_lfence_before): New. - (md_assemble): Call insert_lfence_before and insert_lfence_after. - Set last_insn. - (OPTION_MLFENCE_AFTER_LOAD): New. - (OPTION_MLFENCE_BEFORE_INDIRECT_BRANCH): New. - (OPTION_MLFENCE_BEFORE_RET): New. - (md_longopts): Add -mlfence-after-load=, - -mlfence-before-indirect-branch= and -mlfence-before-ret=. - (md_parse_option): Handle -mlfence-after-load=, - -mlfence-before-indirect-branch= and -mlfence-before-ret=. - (md_show_usage): Display -mlfence-after-load=, - -mlfence-before-indirect-branch= and -mlfence-before-ret=. - (i386_cons_align): New. - * config/tc-i386.h (i386_cons_align): New. - (md_cons_align): New. - * doc/c-i386.texi: Document -mlfence-after-load=, - -mlfence-before-indirect-branch= and -mlfence-before-ret=. ---- - gas/config/tc-i386.c | 366 ++++++++++++++++++++++++++++++++++++++++++- - gas/doc/c-i386.texi | 43 +++++ - 2 files changed, 408 insertions(+), 1 deletion(-) - -diff --git a/gas/config/tc-i386.c b/gas/config/tc-i386.c -index b020f39c863..09063f784b7 100644 ---- a/gas/config/tc-i386.c -+++ b/gas/config/tc-i386.c -@@ -629,7 +629,29 @@ static int omit_lock_prefix = 0; - "lock addl $0, (%{re}sp)". */ - static int avoid_fence = 0; - --/* Type of the previous instruction. */ -+/* 1 if lfence should be inserted after every load. */ -+static int lfence_after_load = 0; -+ -+/* Non-zero if lfence should be inserted before indirect branch. */ -+static enum lfence_before_indirect_branch_kind -+ { -+ lfence_branch_none = 0, -+ lfence_branch_register, -+ lfence_branch_memory, -+ lfence_branch_all -+ } -+lfence_before_indirect_branch; -+ -+/* Non-zero if lfence should be inserted before ret. */ -+static enum lfence_before_ret_kind -+ { -+ lfence_before_ret_none = 0, -+ lfence_before_ret_not, -+ lfence_before_ret_or -+ } -+lfence_before_ret; -+ -+/* Types of previous instruction is .byte or prefix. */ - static struct - { - segT seg; -@@ -4311,6 +4333,283 @@ optimize_encoding (void) - } - } - -+/* Return non-zero for load instruction. */ -+ -+static int -+load_insn_p (void) -+{ -+ unsigned int dest; -+ int any_vex_p = is_any_vex_encoding (&i.tm); -+ unsigned int base_opcode = i.tm.base_opcode | 1; -+ -+ if (!any_vex_p) -+ { -+ /* lea */ -+ if (i.tm.base_opcode == 0x8d) -+ return 0; -+ -+ /* pop */ -+ if ((i.tm.base_opcode & ~7) == 0x58 -+ || (i.tm.base_opcode == 0x8f && i.tm.extension_opcode == 0)) -+ return 1; -+ -+ /* movs, cmps, lods, scas. */ -+ if ((i.tm.base_opcode | 0xb) == 0xaf) -+ return 1; -+ -+ /* outs */ -+ if (base_opcode == 0x6f) -+ return 1; -+ } -+ -+ /* No memory operand. */ -+ if (!i.mem_operands) -+ return 0; -+ -+ if (any_vex_p) -+ { -+ /* vldmxcsr. */ -+ if (i.tm.base_opcode == 0xae -+ && i.tm.opcode_modifier.vex -+ && i.tm.opcode_modifier.vexopcode == VEX0F -+ && i.tm.extension_opcode == 2) -+ return 1; -+ } -+ else -+ { -+ /* test, not, neg, mul, imul, div, idiv. */ -+ if ((i.tm.base_opcode == 0xf6 || i.tm.base_opcode == 0xf7) -+ && i.tm.extension_opcode != 1) -+ return 1; -+ -+ /* inc, dec. */ -+ if (base_opcode == 0xff && i.tm.extension_opcode <= 1) -+ return 1; -+ -+ /* add, or, adc, sbb, and, sub, xor, cmp. */ -+ if (i.tm.base_opcode >= 0x80 && i.tm.base_opcode <= 0x83) -+ return 1; -+ -+ /* bt, bts, btr, btc. */ -+ if (i.tm.base_opcode == 0xfba -+ && (i.tm.extension_opcode >= 4 && i.tm.extension_opcode <= 7)) -+ return 1; -+ -+ /* rol, ror, rcl, rcr, shl/sal, shr, sar. */ -+ if ((base_opcode == 0xc1 -+ || (i.tm.base_opcode >= 0xd0 && i.tm.base_opcode <= 0xd3)) -+ && i.tm.extension_opcode != 6) -+ return 1; -+ -+ /* cmpxchg8b, cmpxchg16b, xrstors. */ -+ if (i.tm.base_opcode == 0xfc7 -+ && (i.tm.extension_opcode == 1 || i.tm.extension_opcode == 3)) -+ return 1; -+ -+ /* fxrstor, ldmxcsr, xrstor. */ -+ if (i.tm.base_opcode == 0xfae -+ && (i.tm.extension_opcode == 1 -+ || i.tm.extension_opcode == 2 -+ || i.tm.extension_opcode == 5)) -+ return 1; -+ -+ /* lgdt, lidt, lmsw. */ -+ if (i.tm.base_opcode == 0xf01 -+ && (i.tm.extension_opcode == 2 -+ || i.tm.extension_opcode == 3 -+ || i.tm.extension_opcode == 6)) -+ return 1; -+ -+ /* vmptrld */ -+ if (i.tm.base_opcode == 0xfc7 -+ && i.tm.extension_opcode == 6) -+ return 1; -+ -+ /* Check for x87 instructions. */ -+ if (i.tm.base_opcode >= 0xd8 && i.tm.base_opcode <= 0xdf) -+ { -+ /* Skip fst, fstp, fstenv, fstcw. */ -+ if (i.tm.base_opcode == 0xd9 -+ && (i.tm.extension_opcode == 2 -+ || i.tm.extension_opcode == 3 -+ || i.tm.extension_opcode == 6 -+ || i.tm.extension_opcode == 7)) -+ return 0; -+ -+ /* Skip fisttp, fist, fistp, fstp. */ -+ if (i.tm.base_opcode == 0xdb -+ && (i.tm.extension_opcode == 1 -+ || i.tm.extension_opcode == 2 -+ || i.tm.extension_opcode == 3 -+ || i.tm.extension_opcode == 7)) -+ return 0; -+ -+ /* Skip fisttp, fst, fstp, fsave, fstsw. */ -+ if (i.tm.base_opcode == 0xdd -+ && (i.tm.extension_opcode == 1 -+ || i.tm.extension_opcode == 2 -+ || i.tm.extension_opcode == 3 -+ || i.tm.extension_opcode == 6 -+ || i.tm.extension_opcode == 7)) -+ return 0; -+ -+ /* Skip fisttp, fist, fistp, fbstp, fistp. */ -+ if (i.tm.base_opcode == 0xdf -+ && (i.tm.extension_opcode == 1 -+ || i.tm.extension_opcode == 2 -+ || i.tm.extension_opcode == 3 -+ || i.tm.extension_opcode == 6 -+ || i.tm.extension_opcode == 7)) -+ return 0; -+ -+ return 1; -+ } -+ } -+ -+ dest = i.operands - 1; -+ -+ /* Check fake imm8 operand and 3 source operands. */ -+ if ((i.tm.opcode_modifier.immext -+ || i.tm.opcode_modifier.vexsources == VEX3SOURCES) -+ && i.types[dest].bitfield.imm8) -+ dest--; -+ -+ /* add, or, adc, sbb, and, sub, xor, cmp, test, xchg, xadd */ -+ if (!any_vex_p -+ && (base_opcode == 0x1 -+ || base_opcode == 0x9 -+ || base_opcode == 0x11 -+ || base_opcode == 0x19 -+ || base_opcode == 0x21 -+ || base_opcode == 0x29 -+ || base_opcode == 0x31 -+ || base_opcode == 0x39 -+ || (i.tm.base_opcode >= 0x84 && i.tm.base_opcode <= 0x87) -+ || base_opcode == 0xfc1)) -+ return 1; -+ -+ /* Check for load instruction. */ -+ return (i.types[dest].bitfield.class != ClassNone -+ || i.types[dest].bitfield.instance == Accum); -+} -+ -+/* Output lfence, 0xfaee8, after instruction. */ -+ -+static void -+insert_lfence_after (void) -+{ -+ if (lfence_after_load && load_insn_p ()) -+ { -+ char *p = frag_more (3); -+ *p++ = 0xf; -+ *p++ = 0xae; -+ *p = 0xe8; -+ } -+} -+ -+/* Output lfence, 0xfaee8, before instruction. */ -+ -+static void -+insert_lfence_before (void) -+{ -+ char *p; -+ -+ if (is_any_vex_encoding (&i.tm)) -+ return; -+ -+ if (i.tm.base_opcode == 0xff -+ && (i.tm.extension_opcode == 2 || i.tm.extension_opcode == 4)) -+ { -+ /* Insert lfence before indirect branch if needed. */ -+ -+ if (lfence_before_indirect_branch == lfence_branch_none) -+ return; -+ -+ if (i.operands != 1) -+ abort (); -+ -+ if (i.reg_operands == 1) -+ { -+ /* Indirect branch via register. Don't insert lfence with -+ -mlfence-after-load=yes. */ -+ if (lfence_after_load -+ || lfence_before_indirect_branch == lfence_branch_memory) -+ return; -+ } -+ else if (i.mem_operands == 1 -+ && lfence_before_indirect_branch != lfence_branch_register) -+ { -+ as_warn (_("indirect `%s` with memory operand should be avoided"), -+ i.tm.name); -+ return; -+ } -+ else -+ return; -+ -+ if (last_insn.kind != last_insn_other -+ && last_insn.seg == now_seg) -+ { -+ as_warn_where (last_insn.file, last_insn.line, -+ _("`%s` skips -mlfence-before-indirect-branch on `%s`"), -+ last_insn.name, i.tm.name); -+ return; -+ } -+ -+ p = frag_more (3); -+ *p++ = 0xf; -+ *p++ = 0xae; -+ *p = 0xe8; -+ return; -+ } -+ -+ /* Output or/not and lfence before ret. */ -+ if (lfence_before_ret != lfence_before_ret_none -+ && (i.tm.base_opcode == 0xc2 -+ || i.tm.base_opcode == 0xc3 -+ || i.tm.base_opcode == 0xca -+ || i.tm.base_opcode == 0xcb)) -+ { -+ if (last_insn.kind != last_insn_other -+ && last_insn.seg == now_seg) -+ { -+ as_warn_where (last_insn.file, last_insn.line, -+ _("`%s` skips -mlfence-before-ret on `%s`"), -+ last_insn.name, i.tm.name); -+ return; -+ } -+ if (lfence_before_ret == lfence_before_ret_or) -+ { -+ /* orl: 0x830c2400. */ -+ p = frag_more ((flag_code == CODE_64BIT ? 1 : 0) + 4 + 3); -+ if (flag_code == CODE_64BIT) -+ *p++ = 0x48; -+ *p++ = 0x83; -+ *p++ = 0xc; -+ *p++ = 0x24; -+ *p++ = 0x0; -+ } -+ else -+ { -+ p = frag_more ((flag_code == CODE_64BIT ? 2 : 0) + 6 + 3); -+ /* notl: 0xf71424. */ -+ if (flag_code == CODE_64BIT) -+ *p++ = 0x48; -+ *p++ = 0xf7; -+ *p++ = 0x14; -+ *p++ = 0x24; -+ /* notl: 0xf71424. */ -+ if (flag_code == CODE_64BIT) -+ *p++ = 0x48; -+ *p++ = 0xf7; -+ *p++ = 0x14; -+ *p++ = 0x24; -+ } -+ *p++ = 0xf; -+ *p++ = 0xae; -+ *p = 0xe8; -+ } -+} -+ - /* This is the guts of the machine-dependent assembler. LINE points to a - machine dependent instruction. This function is supposed to emit - the frags/bytes it assembles to. */ -@@ -4628,9 +4927,13 @@ md_assemble (char *line) - if (i.rex != 0) - add_prefix (REX_OPCODE | i.rex); - -+ insert_lfence_before (); -+ - /* We are ready to output the insn. */ - output_insn (); - -+ insert_lfence_after (); -+ - last_insn.seg = now_seg; - - if (i.tm.opcode_modifier.isprefix) -@@ -12250,6 +12553,9 @@ const char *md_shortopts = "qnO::"; - #define OPTION_MALIGN_BRANCH_PREFIX_SIZE (OPTION_MD_BASE + 28) - #define OPTION_MALIGN_BRANCH (OPTION_MD_BASE + 29) - #define OPTION_MBRANCHES_WITH_32B_BOUNDARIES (OPTION_MD_BASE + 30) -+#define OPTION_MLFENCE_AFTER_LOAD (OPTION_MD_BASE + 31) -+#define OPTION_MLFENCE_BEFORE_INDIRECT_BRANCH (OPTION_MD_BASE + 32) -+#define OPTION_MLFENCE_BEFORE_RET (OPTION_MD_BASE + 33) - - struct option md_longopts[] = - { -@@ -12289,6 +12595,10 @@ struct option md_longopts[] = - {"malign-branch-prefix-size", required_argument, NULL, OPTION_MALIGN_BRANCH_PREFIX_SIZE}, - {"malign-branch", required_argument, NULL, OPTION_MALIGN_BRANCH}, - {"mbranches-within-32B-boundaries", no_argument, NULL, OPTION_MBRANCHES_WITH_32B_BOUNDARIES}, -+ {"mlfence-after-load", required_argument, NULL, OPTION_MLFENCE_AFTER_LOAD}, -+ {"mlfence-before-indirect-branch", required_argument, NULL, -+ OPTION_MLFENCE_BEFORE_INDIRECT_BRANCH}, -+ {"mlfence-before-ret", required_argument, NULL, OPTION_MLFENCE_BEFORE_RET}, - {"mamd64", no_argument, NULL, OPTION_MAMD64}, - {"mintel64", no_argument, NULL, OPTION_MINTEL64}, - {NULL, no_argument, NULL, 0} -@@ -12668,6 +12978,41 @@ md_parse_option (int c, const char *arg) - as_fatal (_("invalid -mfence-as-lock-add= option: `%s'"), arg); - break; - -+ case OPTION_MLFENCE_AFTER_LOAD: -+ if (strcasecmp (arg, "yes") == 0) -+ lfence_after_load = 1; -+ else if (strcasecmp (arg, "no") == 0) -+ lfence_after_load = 0; -+ else -+ as_fatal (_("invalid -mlfence-after-load= option: `%s'"), arg); -+ break; -+ -+ case OPTION_MLFENCE_BEFORE_INDIRECT_BRANCH: -+ if (strcasecmp (arg, "all") == 0) -+ lfence_before_indirect_branch = lfence_branch_all; -+ else if (strcasecmp (arg, "memory") == 0) -+ lfence_before_indirect_branch = lfence_branch_memory; -+ else if (strcasecmp (arg, "register") == 0) -+ lfence_before_indirect_branch = lfence_branch_register; -+ else if (strcasecmp (arg, "none") == 0) -+ lfence_before_indirect_branch = lfence_branch_none; -+ else -+ as_fatal (_("invalid -mlfence-before-indirect-branch= option: `%s'"), -+ arg); -+ break; -+ -+ case OPTION_MLFENCE_BEFORE_RET: -+ if (strcasecmp (arg, "or") == 0) -+ lfence_before_ret = lfence_before_ret_or; -+ else if (strcasecmp (arg, "not") == 0) -+ lfence_before_ret = lfence_before_ret_not; -+ else if (strcasecmp (arg, "none") == 0) -+ lfence_before_ret = lfence_before_ret_none; -+ else -+ as_fatal (_("invalid -mlfence-before-ret= option: `%s'"), -+ arg); -+ break; -+ - case OPTION_MRELAX_RELOCATIONS: - if (strcasecmp (arg, "yes") == 0) - generate_relax_relocations = 1; -@@ -13025,6 +13370,15 @@ md_show_usage (FILE *stream) - -mbranches-within-32B-boundaries\n\ - align branches within 32 byte boundary\n")); - fprintf (stream, _("\ -+ -mlfence-after-load=[no|yes] (default: no)\n\ -+ generate lfence after load\n")); -+ fprintf (stream, _("\ -+ -mlfence-before-indirect-branch=[none|all|register|memory] (default: none)\n\ -+ generate lfence before indirect near branch\n")); -+ fprintf (stream, _("\ -+ -mlfence-before-ret=[none|or|not] (default: none)\n\ -+ generate lfence before ret\n")); -+ fprintf (stream, _("\ - -mamd64 accept only AMD64 ISA [default]\n")); - fprintf (stream, _("\ - -mintel64 accept only Intel64 ISA\n")); -@@ -13254,6 +13608,16 @@ i386_cons_align (int ignore ATTRIBUTE_UNUSED) - last_insn.kind = last_insn_directive; - last_insn.name = "constant directive"; - last_insn.file = as_where (&last_insn.line); -+ if (lfence_before_ret != lfence_before_ret_none) -+ { -+ if (lfence_before_indirect_branch != lfence_branch_none) -+ as_warn (_("constant directive skips -mlfence-before-ret " -+ "and -mlfence-before-indirect-branch")); -+ else -+ as_warn (_("constant directive skips -mlfence-before-ret")); -+ } -+ else if (lfence_before_indirect_branch != lfence_branch_none) -+ as_warn (_("constant directive skips -mlfence-before-indirect-branch")); - } - } - -diff --git a/gas/doc/c-i386.texi b/gas/doc/c-i386.texi -index c536759cb38..1dd99f91bb0 100644 ---- a/gas/doc/c-i386.texi -+++ b/gas/doc/c-i386.texi -@@ -464,6 +464,49 @@ on an instruction. It is equivalent to - @option{-malign-branch-prefix-size=5}. - The default doesn't align branches. - -+@cindex @samp{-mlfence-after-load=} option, i386 -+@cindex @samp{-mlfence-after-load=} option, x86-64 -+@item -mlfence-after-load=@var{no} -+@itemx -mlfence-after-load=@var{yes} -+These options control whether the assembler should generate lfence -+after load instructions. @option{-mlfence-after-load=@var{yes}} will -+generate lfence. @option{-mlfence-after-load=@var{no}} will not generate -+lfence, which is the default. -+ -+@cindex @samp{-mlfence-before-indirect-branch=} option, i386 -+@cindex @samp{-mlfence-before-indirect-branch=} option, x86-64 -+@item -mlfence-before-indirect-branch=@var{none} -+@item -mlfence-before-indirect-branch=@var{all} -+@item -mlfence-before-indirect-branch=@var{register} -+@itemx -mlfence-before-indirect-branch=@var{memory} -+These options control whether the assembler should generate lfence -+after indirect near branch instructions. -+@option{-mlfence-before-indirect-branch=@var{all}} will generate lfence -+after indirect near branch via register and issue a warning before -+indirect near branch via memory. -+@option{-mlfence-before-indirect-branch=@var{register}} will generate -+lfence after indirect near branch via register. -+@option{-mlfence-before-indirect-branch=@var{memory}} will issue a -+warning before indirect near branch via memory. -+@option{-mlfence-before-indirect-branch=@var{none}} will not generate -+lfence nor issue warning, which is the default. Note that lfence won't -+be generated before indirect near branch via register with -+@option{-mlfence-after-load=@var{yes}} since lfence will be generated -+after loading branch target register. -+ -+@cindex @samp{-mlfence-before-ret=} option, i386 -+@cindex @samp{-mlfence-before-ret=} option, x86-64 -+@item -mlfence-before-ret=@var{none} -+@item -mlfence-before-ret=@var{or} -+@itemx -mlfence-before-ret=@var{not} -+These options control whether the assembler should generate lfence -+before ret. @option{-mlfence-before-ret=@var{or}} will generate -+generate or instruction with lfence. -+@option{-mlfence-before-ret=@var{not}} will generate not instruction -+with lfence. -+@option{-mlfence-before-ret=@var{none}} will not generate lfence, -+which is the default. -+ - @cindex @samp{-mx86-used-note=} option, i386 - @cindex @samp{-mx86-used-note=} option, x86-64 - @item -mx86-used-note=@var{no} diff --git a/backport-CVE-2020-16592-PR25823-Use-after-free-in-bfd_hash_lookup.patch b/backport-CVE-2020-16592-PR25823-Use-after-free-in-bfd_hash_lookup.patch deleted file mode 100644 index d91f559c2ab52a36816d98311b67da67da7c2350..0000000000000000000000000000000000000000 --- a/backport-CVE-2020-16592-PR25823-Use-after-free-in-bfd_hash_lookup.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 7ecb51549ab1ec22aba5aaf34b70323cf0b8509a Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Wed, 15 Apr 2020 18:58:11 +0930 -Subject: [PATCH] PR25823, Use after free in bfd_hash_lookup - - PR 25823 - * peXXigen.c (_bfd_XXi_swap_sym_in ): Don't use a - pointer into strings that may be freed for section name, always - allocate a new string. ---- - bfd/peXXigen.c | 20 ++++++++++---------- - 1 files changed, 10 insertions(+), 10 deletions(-) - -diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c -index b9eeb77..8aa5914 100644 ---- a/bfd/peXXigen.c -+++ b/bfd/peXXigen.c -@@ -177,25 +177,25 @@ _bfd_XXi_swap_sym_in (bfd * abfd, void * ext1, void * in1) - int unused_section_number = 0; - asection *sec; - flagword flags; -+ size_t name_len; -+ char *sec_name; - - for (sec = abfd->sections; sec; sec = sec->next) - if (unused_section_number <= sec->target_index) - unused_section_number = sec->target_index + 1; - -- if (name == namebuf) -+ name_len = strlen (name) + 1; -+ sec_name = bfd_alloc (abfd, name_len); -+ if (sec_name == NULL) - { -- name = (const char *) bfd_alloc (abfd, strlen (namebuf) + 1); -- if (name == NULL) -- { -- _bfd_error_handler (_("%pB: out of memory creating name for empty section"), -- abfd); -- return; -- } -- strcpy ((char *) name, namebuf); -+ _bfd_error_handler (_("%pB: out of memory creating name " -+ "for empty section"), abfd); -+ return; - } -+ memcpy (sec_name, name, name_len); - - flags = SEC_HAS_CONTENTS | SEC_ALLOC | SEC_DATA | SEC_LOAD; -- sec = bfd_make_section_anyway_with_flags (abfd, name, flags); -+ sec = bfd_make_section_anyway_with_flags (abfd, sec_name, flags); - if (sec == NULL) - { - _bfd_error_handler (_("%pB: unable to create fake empty section"), --- -1.8.3.1 - diff --git a/backport-CVE-2021-3487.patch b/backport-CVE-2021-3487.patch deleted file mode 100644 index fc6e002d1fec4107cfc51bacf051fc011c38a422..0000000000000000000000000000000000000000 --- a/backport-CVE-2021-3487.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 647cebce12a6b0a26960220caff96ff38978cf24 Mon Sep 17 00:00:00 2001 -From: Nick Clifton -Date: Thu, 26 Nov 2020 17:08:33 +0000 -Subject: [PATCH] Prevent a memory allocation failure when parsing corrupt - DWARF debug sections. - - PR 26946 - * dwarf2.c (read_section): Check for debug sections with excessive - sizes. ---- - bfd/ChangeLog | 6 ++++++ - bfd/dwarf2.c | 25 +++++++++++++++++++------ - 2 files changed, 25 insertions(+), 6 deletions(-) - -diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c -index 977bf43..8bbfc81 100644 ---- a/bfd/dwarf2.c -+++ b/bfd/dwarf2.c -@@ -531,22 +531,24 @@ read_section (bfd * abfd, - bfd_byte ** section_buffer, - bfd_size_type * section_size) - { -- asection *msec; - const char *section_name = sec->uncompressed_name; - bfd_byte *contents = *section_buffer; -- bfd_size_type amt; - - /* The section may have already been read. */ - if (contents == NULL) - { -+ bfd_size_type amt; -+ asection *msec; -+ ufile_ptr filesize; -+ - msec = bfd_get_section_by_name (abfd, section_name); -- if (! msec) -+ if (msec == NULL) - { - section_name = sec->compressed_name; - if (section_name != NULL) - msec = bfd_get_section_by_name (abfd, section_name); - } -- if (! msec) -+ if (msec == NULL) - { - _bfd_error_handler (_("DWARF error: can't find %s section."), - sec->uncompressed_name); -@@ -554,12 +556,23 @@ read_section (bfd * abfd, - return FALSE; - } - -- *section_size = msec->rawsize ? msec->rawsize : msec->size; -+ amt = bfd_get_section_limit_octets (abfd, msec); -+ filesize = bfd_get_file_size (abfd); -+ if (amt >= filesize) -+ { -+ /* PR 26946 */ -+ _bfd_error_handler (_("DWARF error: section %s is larger than its filesize! (0x%lx vs 0x%lx)"), -+ section_name, (long) amt, (long) filesize); -+ bfd_set_error (bfd_error_bad_value); -+ return FALSE; -+ } -+ *section_size = amt; - /* Paranoia - alloc one extra so that we can make sure a string - section is NUL terminated. */ -- amt = *section_size + 1; -+ amt += 1; - if (amt == 0) - { -+ /* Paranoia - this should never happen. */ - bfd_set_error (bfd_error_no_memory); - return FALSE; - } --- -1.8.3.1 - diff --git a/binutils-2.29-revert-PLT-elision.patch b/binutils-2.29-revert-PLT-elision.patch deleted file mode 100644 index c5478f0952c0dc40c6cc97aadaf03a4b19b394b0..0000000000000000000000000000000000000000 --- a/binutils-2.29-revert-PLT-elision.patch +++ /dev/null @@ -1,266 +0,0 @@ -diff -rup binutils.orig/ld/testsuite/ld-i386/pltgot-1.d binutils-2.29.1/ld/testsuite/ld-i386/pltgot-1.d ---- binutils.orig/ld/testsuite/ld-i386/pltgot-1.d 2017-11-15 13:32:39.335065263 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-i386/pltgot-1.d 2017-11-15 15:03:55.649727195 +0000 -@@ -2,6 +2,7 @@ - #readelf: -S --wide - #as: --32 - -+#pass - #... - +\[ *[0-9]+\] \.plt +PROGBITS +[0-9a-f]+ +[0-9a-f]+ +0+10 +.* - #... -diff -rup binutils.orig/ld/testsuite/ld-i386/pltgot-2.d binutils-2.29.1/ld/testsuite/ld-i386/pltgot-2.d ---- binutils.orig/ld/testsuite/ld-i386/pltgot-2.d 2017-11-15 13:32:39.329065335 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-i386/pltgot-2.d 2017-11-15 15:04:20.803430034 +0000 -@@ -3,7 +3,6 @@ - #readelf: -d --wide - #as: --32 - --#failif - #... - +0x[0-9a-f]+ +\(PLTREL.* - #... -diff -rup binutils.orig/ld/testsuite/ld-i386/pr19636-2d.d binutils-2.29.1/ld/testsuite/ld-i386/pr19636-2d.d ---- binutils.orig/ld/testsuite/ld-i386/pr19636-2d.d 2017-11-15 13:32:39.336065251 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-i386/pr19636-2d.d 2017-11-15 15:03:00.413379749 +0000 -@@ -9,7 +9,7 @@ Relocation section '\.rel\.dyn' at offse - [0-9a-f]+ +[0-9a-f]+ +R_386_32 +0+ +func - [0-9a-f]+ +[0-9a-f]+ +R_386_PC32 +0+ +func - [0-9a-f]+ +[0-9a-f]+ +R_386_GLOB_DAT +0+ +func -- -+#... - Symbol table '\.dynsym' contains [0-9]+ entries: - +Num: +Value +Size Type +Bind +Vis +Ndx Name - #... -diff -rup binutils.orig/ld/testsuite/ld-i386/pr19636-2e.d binutils-2.29.1/ld/testsuite/ld-i386/pr19636-2e.d ---- binutils.orig/ld/testsuite/ld-i386/pr19636-2e.d 2017-11-15 13:32:39.330065323 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-i386/pr19636-2e.d 2017-11-15 15:03:28.928042882 +0000 -@@ -9,7 +9,7 @@ Relocation section '\.rel\.dyn' at offse - [0-9a-f]+ +[0-9a-f]+ +R_386_32 +0+ +func - [0-9a-f]+ +[0-9a-f]+ +R_386_PC32 +0+ +func - [0-9a-f]+ +[0-9a-f]+ +R_386_GLOB_DAT +0+ +func -- -+#... - Symbol table '\.dynsym' contains [0-9]+ entries: - +Num: +Value +Size Type +Bind +Vis +Ndx Name - #... -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pltgot-1.d binutils-2.29.1/ld/testsuite/ld-x86-64/pltgot-1.d ---- binutils.orig/ld/testsuite/ld-x86-64/pltgot-1.d 2017-11-15 13:32:39.415064300 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pltgot-1.d 2017-11-15 15:08:39.333375801 +0000 -@@ -2,8 +2,4 @@ - #readelf: -S --wide - #as: --64 - --#... -- +\[ *[0-9]+\] \.plt +PROGBITS +[0-9a-f]+ +[0-9a-f]+ +0+10 +.* --#... -- +\[ *[0-9]+\] \.got\.plt +PROGBITS +[0-9a-f]+ +[0-9a-f]+ +0+18 +.* - #pass -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pltgot-2.d binutils-2.29.1/ld/testsuite/ld-x86-64/pltgot-2.d ---- binutils.orig/ld/testsuite/ld-x86-64/pltgot-2.d 2017-11-15 13:32:39.404064432 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pltgot-2.d 2017-11-15 15:08:59.031143095 +0000 -@@ -3,7 +3,6 @@ - #readelf: -d --wide - #as: --64 - --#failif - #... - +0x[0-9a-f]+ +\(PLTREL.* - #... -diff -rup binutils.orig/ld/testsuite/ld-x86-64/plt-main-bnd.dd binutils-2.29.1/ld/testsuite/ld-x86-64/plt-main-bnd.dd ---- binutils.orig/ld/testsuite/ld-x86-64/plt-main-bnd.dd 2017-11-15 13:32:39.405064420 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/plt-main-bnd.dd 2017-11-15 15:06:53.694623801 +0000 -@@ -1,7 +1,4 @@ --#... --Disassembly of section .plt.got: - --[a-f0-9]+ <[a-z_]+@plt>: --[ ]*[a-f0-9]+: f2 ff 25 .. .. 20 00 bnd jmpq \*0x20....\(%rip\) # ...... <.*> -+#... - [ ]*[a-f0-9]+: 90 nop - #pass -diff -rup binutils.orig/ld/testsuite/ld-x86-64/plt-main-ibt.dd binutils-2.29.1/ld/testsuite/ld-x86-64/plt-main-ibt.dd ---- binutils.orig/ld/testsuite/ld-x86-64/plt-main-ibt.dd 2017-11-15 13:32:39.412064336 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/plt-main-ibt.dd 2017-11-15 15:06:35.148842897 +0000 -@@ -1,7 +1,3 @@ - #... --Disassembly of section .plt.got: -- --[a-f0-9]+ <[_a-z]+@plt>: - [ ]*[a-f0-9]+: f3 0f 1e fa endbr64 --[ ]*[a-f0-9]+: f2 ff 25 .. .. 20 00 bnd jmpq \*0x20....\(%rip\) # ...... <[_a-z]+> - #pass -diff -rup binutils.orig/ld/testsuite/ld-x86-64/plt-main.rd binutils-2.29.1/ld/testsuite/ld-x86-64/plt-main.rd ---- binutils.orig/ld/testsuite/ld-x86-64/plt-main.rd 2017-11-15 13:32:39.407064397 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/plt-main.rd 2017-11-15 15:06:17.244054423 +0000 -@@ -1,4 +1,3 @@ --#failif - #... - [0-9a-f ]+R_X86_64_JUMP_SLOT +0+ +bar \+ 0 - #... -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pr20830a.d binutils-2.29.1/ld/testsuite/ld-x86-64/pr20830a.d ---- binutils.orig/ld/testsuite/ld-x86-64/pr20830a.d 2017-11-15 13:32:39.412064336 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pr20830a.d 2017-11-15 15:15:09.918750288 +0000 -@@ -20,6 +20,7 @@ Contents of the .eh_frame section: - DW_CFA_offset: r16 \(rip\) at cfa-8 - DW_CFA_nop - DW_CFA_nop -+#pass - - 0+18 0000000000000014 0000001c FDE cie=00000000 pc=00000000000001c8..00000000000001d4 - DW_CFA_nop -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pr20830a-now.d binutils-2.29.1/ld/testsuite/ld-x86-64/pr20830a-now.d ---- binutils.orig/ld/testsuite/ld-x86-64/pr20830a-now.d 2017-11-15 13:32:39.413064324 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pr20830a-now.d 2017-11-15 15:16:08.227055104 +0000 -@@ -20,6 +20,7 @@ Contents of the .eh_frame section: - DW_CFA_offset: r16 \(rip\) at cfa-8 - DW_CFA_nop - DW_CFA_nop -+#pass - - 0+18 0000000000000014 0000001c FDE cie=00000000 pc=00000000000001c8..00000000000001d4 - DW_CFA_nop -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pr20830b.d binutils-2.29.1/ld/testsuite/ld-x86-64/pr20830b.d ---- binutils.orig/ld/testsuite/ld-x86-64/pr20830b.d 2017-11-15 13:32:39.413064324 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pr20830b.d 2017-11-15 15:16:20.115913358 +0000 -@@ -20,7 +20,8 @@ Contents of the .eh_frame section: - DW_CFA_offset: r16 \(rip\) at cfa-8 - DW_CFA_nop - DW_CFA_nop -- -+#pass -+ - 0+18 0000000000000010 0000001c FDE cie=00000000 pc=0000000000000138..0000000000000144 - DW_CFA_nop - DW_CFA_nop -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pr20830b-now.d binutils-2.29.1/ld/testsuite/ld-x86-64/pr20830b-now.d ---- binutils.orig/ld/testsuite/ld-x86-64/pr20830b-now.d 2017-11-15 13:32:39.411064348 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pr20830b-now.d 2017-11-15 15:16:29.012807282 +0000 -@@ -20,7 +20,8 @@ Contents of the .eh_frame section: - DW_CFA_offset: r16 \(rip\) at cfa-8 - DW_CFA_nop - DW_CFA_nop -- -+#pass -+ - 0+18 0000000000000010 0000001c FDE cie=00000000 pc=0000000000000138..0000000000000144 - DW_CFA_nop - DW_CFA_nop -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pr21038a.d binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038a.d ---- binutils.orig/ld/testsuite/ld-x86-64/pr21038a.d 2017-11-15 13:32:39.408064384 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038a.d 2017-11-15 15:19:48.097433680 +0000 -@@ -19,7 +19,8 @@ Contents of the .eh_frame section: - DW_CFA_offset: r16 \(rip\) at cfa-8 - DW_CFA_nop - DW_CFA_nop -- -+#pass -+ - 0+18 0000000000000014 0000001c FDE cie=00000000 pc=00000000000001c8..00000000000001d4 - DW_CFA_nop - DW_CFA_nop -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pr21038a-now.d binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038a-now.d ---- binutils.orig/ld/testsuite/ld-x86-64/pr21038a-now.d 2017-11-15 13:32:39.401064469 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038a-now.d 2017-11-15 15:10:56.077760324 +0000 -@@ -20,7 +20,8 @@ Contents of the .eh_frame section: - DW_CFA_offset: r16 \(rip\) at cfa-8 - DW_CFA_nop - DW_CFA_nop -- -+#pass -+ - 0+18 0000000000000014 0000001c FDE cie=00000000 pc=00000000000001c8..00000000000001d4 - DW_CFA_nop - DW_CFA_nop -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pr21038b.d binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038b.d ---- binutils.orig/ld/testsuite/ld-x86-64/pr21038b.d 2017-11-15 13:32:39.405064420 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038b.d 2017-11-15 15:10:42.828916844 +0000 -@@ -19,6 +19,7 @@ Contents of the .eh_frame section: - DW_CFA_offset: r16 \(rip\) at cfa-8 - DW_CFA_nop - DW_CFA_nop -+#pass - - 0+18 0000000000000014 0000001c FDE cie=00000000 pc=00000000000001d8..00000000000001dd - DW_CFA_nop -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pr21038b-now.d binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038b-now.d ---- binutils.orig/ld/testsuite/ld-x86-64/pr21038b-now.d 2017-11-15 13:32:39.416064288 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038b-now.d 2017-11-15 15:11:11.550577531 +0000 -@@ -20,7 +20,8 @@ Contents of the .eh_frame section: - DW_CFA_offset: r16 \(rip\) at cfa-8 - DW_CFA_nop - DW_CFA_nop -- -+#pass -+ - 0+18 0000000000000014 0000001c FDE cie=00000000 pc=00000000000001d8..00000000000001dd - DW_CFA_nop - DW_CFA_nop -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pr21038c.d binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038c.d ---- binutils.orig/ld/testsuite/ld-x86-64/pr21038c.d 2017-11-15 13:32:39.411064348 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038c.d 2017-11-15 15:09:52.664509478 +0000 -@@ -19,7 +19,8 @@ Contents of the .eh_frame section: - DW_CFA_offset: r16 \(rip\) at cfa-8 - DW_CFA_nop - DW_CFA_nop -- -+#pass -+ - 0+18 0000000000000014 0000001c FDE cie=00000000 pc=0000000000000220..0000000000000231 - DW_CFA_nop - DW_CFA_nop -diff -rup binutils.orig/ld/testsuite/ld-x86-64/pr21038c-now.d binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038c-now.d ---- binutils.orig/ld/testsuite/ld-x86-64/pr21038c-now.d 2017-11-15 13:32:39.413064324 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/pr21038c-now.d 2017-11-15 15:11:22.975442559 +0000 -@@ -20,7 +20,8 @@ Contents of the .eh_frame section: - DW_CFA_offset: r16 \(rip\) at cfa-8 - DW_CFA_nop - DW_CFA_nop -- -+#pass -+ - 0+18 0000000000000014 0000001c FDE cie=00000000 pc=0000000000000220..0000000000000231 - DW_CFA_nop - DW_CFA_nop -diff -rup binutils.orig/ld/testsuite/ld-x86-64/tlspic2.rd binutils-2.29.1/ld/testsuite/ld-x86-64/tlspic2.rd ---- binutils.orig/ld/testsuite/ld-x86-64/tlspic2.rd 2017-11-15 13:32:39.417064276 +0000 -+++ binutils-2.29.1/ld/testsuite/ld-x86-64/tlspic2.rd 2017-11-15 15:05:02.950932110 +0000 -@@ -14,6 +14,7 @@ Section Headers: - +\[[ 0-9]+\] .dynsym +.* - +\[[ 0-9]+\] .dynstr +.* - +\[[ 0-9]+\] .rela.dyn +.* -+#pass - +\[[ 0-9]+\] .plt +.* - +\[[ 0-9]+\] .plt.got +.* - +\[[ 0-9]+\] .text +PROGBITS +0+1000 0+1000 0+31a 00 +AX +0 +0 4096 ---- binutils.orig/bfd/elfxx-x86.c 2018-01-22 15:59:25.875788033 +0000 -+++ binutils-2.30.0/bfd/elfxx-x86.c 2018-01-22 16:00:20.789146597 +0000 -@@ -107,7 +107,7 @@ elf_x86_allocate_dynrelocs (struct elf_l - plt_entry_size = htab->plt.plt_entry_size; - - resolved_to_zero = UNDEFINED_WEAK_RESOLVED_TO_ZERO (info, eh); -- -+#if 0 - /* We can't use the GOT PLT if pointer equality is needed since - finish_dynamic_symbol won't clear symbol value and the dynamic - linker won't update the GOT slot. We will get into an infinite -@@ -125,7 +125,7 @@ elf_x86_allocate_dynrelocs (struct elf_l - /* Use the GOT PLT. */ - eh->plt_got.refcount = 1; - } -- -+#endif - /* Since STT_GNU_IFUNC symbol must go through PLT, we handle it - here if it is defined and referenced in a non-shared object. */ - if (h->type == STT_GNU_IFUNC ---- binutils.orig/ld/testsuite/ld-i386/pr20830.d 2018-07-09 09:49:51.277239857 +0100 -+++ binutils-2.30.90/ld/testsuite/ld-i386/pr20830.d 2018-07-09 10:32:41.113356733 +0100 -@@ -19,7 +19,7 @@ Contents of the .eh_frame section: - DW_CFA_offset: r8 \(eip\) at cfa-4 - DW_CFA_nop - DW_CFA_nop -- -+#pass - 0+18 00000010 0000001c FDE cie=00000000 pc=00000128..00000133 - DW_CFA_nop - DW_CFA_nop diff --git a/binutils-2.34.tar.xz b/binutils-2.36.1.tar.xz similarity index 67% rename from binutils-2.34.tar.xz rename to binutils-2.36.1.tar.xz index ecd26c431899b1f9c958a423f71ca9cb7af203d2..5172b1d85408903c38e497fe754369ebc572eee5 100644 Binary files a/binutils-2.34.tar.xz and b/binutils-2.36.1.tar.xz differ diff --git a/binutils-gold-ignore-discarded-note-relocs.patch b/binutils-gold-ignore-discarded-note-relocs.patch deleted file mode 100644 index b354fa477b5fe553ba1d98aac2945baadaa37805..0000000000000000000000000000000000000000 --- a/binutils-gold-ignore-discarded-note-relocs.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- binutils.orig/gold/target-reloc.h 2018-07-12 11:37:24.894494658 +0100 -+++ binutils-2.30.90/gold/target-reloc.h 2018-07-12 15:38:50.049083904 +0100 -@@ -136,6 +136,7 @@ class Default_comdat_behavior - if (Layout::is_debug_info_section(name)) - return CB_PRETEND; - if (strcmp(name, ".eh_frame") == 0 -+ || strncmp(name, ".gnu.build.attributes", 21) == 0 // FIXME: We should really be checking the section type for ST_NOTE... - || strcmp(name, ".gcc_except_table") == 0) - return CB_IGNORE; - return CB_ERROR; diff --git a/binutils.spec b/binutils.spec index a7f201317c7b0c8a678cd8ce5ca4986aea0c7079..8c9b39e4de99e456cc8ee132cca0f401334f3918 100644 --- a/binutils.spec +++ b/binutils.spec @@ -1,7 +1,7 @@ Summary: Binary utilities Name: binutils -Version: 2.34 -Release: 13 +Version: 2.36.1 +Release: 1 License: GPLv3+ URL: https://sourceware.org/binutils @@ -19,38 +19,16 @@ Patch1: export-demangle.h-in-devel-package.patch #BUZ:845084 Patch2: binutils-2.22.52.0.4-no-config-h-check.patch #BUG:1452111 -Patch3: binutils-2.29-revert-PLT-elision.patch -Patch4: binutils-2.27-aarch64-ifunc.patch -#Stop gold from complaining about relocs -Patch5: binutils-gold-ignore-discarded-note-relocs.patch +Patch3: binutils-2.27-aarch64-ifunc.patch #PATCH-CVE-UPSTREAM -Patch6: CVE-2019-1010204.patch -Patch7: Import-a-fix-from-the-mainline-sources-that-prevents.patch -Patch8: PR25585-PHDR-segment-not-covered-by-LOAD-segment.patch -Patch9: Re-PR24511-nm-should-not-mark-symbols-in-.init_array.patch -Patch10: powerpc64-ld-infinite-loop.patch -Patch11: PR25745-powerpc64-ld-overflows-string-buffer-in-stat.patch -Patch12: BFD-Exclude-sections-with-no-content-from-compress-c.patch -Patch13: gas-PR-25863-Fix-scalar-vmul-inside-it-block-when-as.patch -Patch14: NDS32-disassembly-of-odd-sized-sections.patch - -Patch15: asan-readelf-leaks.patch -Patch16: asan-more-readelf-leaks.patch -Patch17: Re-asan-more-readelf-leaks.patch -Patch18: readelf-leak-in-process_archive.patch -Patch19: metag-uninitialized-memory-read.patch - -Patch20: Fix-a-potential-use-of-an-uninitialised-value-in-the.patch -Patch21: backport-CVE-2020-16592-PR25823-Use-after-free-in-bfd_hash_lookup.patch -Patch22: backport-CVE-2020-0551-i386-Generate-lfence.patch -Patch23: backport-0001-CVE-2021-20197.patch -Patch24: backport-0002-CVE-2021-20197.patch -Patch25: backport-0003-CVE-2021-20197.patch -Patch26: backport-Fix-a-build-problem-when-using-FreeBSD-12.patch -Patch27: backport-0004-CVE-2021-20197.patch -Patch28: backport-CVE-2021-3487.patch -Patch29: backport-CVE-2021-3549.patch +Patch4: CVE-2019-1010204.patch + +Patch5: Fix-a-potential-use-of-an-uninitialised-value-in-the.patch +Patch6: backport-0003-CVE-2021-20197.patch +Patch7: backport-Fix-a-build-problem-when-using-FreeBSD-12.patch +Patch8: backport-0004-CVE-2021-20197.patch +Patch9: backport-CVE-2021-3549.patch Provides: bundled(libiberty) @@ -341,6 +319,7 @@ fi %ghost %{_bindir}/ld %{_libdir}/lib*.so %{_libdir}/libctf* +%{_libdir}/bfd-plugins/libdep.so %exclude %{_libdir}/libctf.a %exclude %{_libdir}/libctf-nobfd.a %exclude %{_libdir}/libbfd.so @@ -363,6 +342,12 @@ fi %{_infodir}/bfd*info* %changelog +* Mon Jul 5 2021 yixiangzhike - 2.36.1-1 +- Type:NA +- ID:NA +- SUG:NA +- DESC: update to 2.36.1 + * Sat Jun 19 2021 wangchen - 2.34-13 - Type:CVE - ID:NA diff --git a/gas-PR-25863-Fix-scalar-vmul-inside-it-block-when-as.patch b/gas-PR-25863-Fix-scalar-vmul-inside-it-block-when-as.patch deleted file mode 100644 index 97f50e22acca2886d814a555720c8b5bd2ddbeb8..0000000000000000000000000000000000000000 --- a/gas-PR-25863-Fix-scalar-vmul-inside-it-block-when-as.patch +++ /dev/null @@ -1,85 +0,0 @@ -From a72427b1ae01304da0b5170e1e53f68c6d46c1de Mon Sep 17 00:00:00 2001 -From: Andre Simoes Dias Vieira -Date: Mon, 4 May 2020 13:05:42 +0100 -Subject: [PATCH] gas: PR 25863: Fix scalar vmul inside it block when - assembling for MVE - -This fixes PR 25863 by fixing the condition in the parsing of vmul in -do_mve_vmull. It also simplifies the code in there fixing latent issues that -would lead to NEON code being accepted when it shouldn't. - -2020-05-07 Andre Vieira - - Backport from mainline. - 2020-05-04 Andre Vieira - - PR gas/25863 - * config/tc-arm.c (do_mve_vmull): Fix scalar and NEON parsing of vmul. - * testsuite/gas/arm/mve-scalar-vmult-it.d: New test. - * testsuite/gas/arm/mve-scalar-vmult-it.s: New test. ---- - gas/config/tc-arm.c | 12 +++--------- - gas/testsuite/gas/arm/mve-scalar-vmul-it.d | 11 +++++++++++ - gas/testsuite/gas/arm/mve-scalar-vmul-it.s | 5 +++++ - 3 files changed, 19 insertions(+), 9 deletions(-) - create mode 100644 gas/testsuite/gas/arm/mve-scalar-vmul-it.d - create mode 100644 gas/testsuite/gas/arm/mve-scalar-vmul-it.s - -diff --git a/gas/config/tc-arm.c b/gas/config/tc-arm.c -index 8ad2d6d..7550f90 100644 ---- a/gas/config/tc-arm.c -+++ b/gas/config/tc-arm.c -@@ -18221,19 +18221,13 @@ do_mve_vmull (void) - - enum neon_shape rs = neon_select_shape (NS_HHH, NS_FFF, NS_DDD, NS_DDS, - NS_QQS, NS_QQQ, NS_QQR, NS_NULL); -- if (!ARM_CPU_HAS_FEATURE (cpu_variant, mve_ext) -- && inst.cond == COND_ALWAYS -+ if (inst.cond == COND_ALWAYS - && ((unsigned)inst.instruction) == M_MNEM_vmullt) - { -+ - if (rs == NS_QQQ) - { -- -- struct neon_type_el et = neon_check_type (3, rs, N_EQK , N_EQK, -- N_SUF_32 | N_F64 | N_P8 -- | N_P16 | N_I_MVE | N_KEY); -- if (((et.type == NT_poly) && et.size == 8 -- && ARM_CPU_IS_ANY (cpu_variant)) -- || (et.type == NT_integer) || (et.type == NT_float)) -+ if (!ARM_CPU_HAS_FEATURE (cpu_variant, mve_ext)) - goto neon_vmul; - } - else -diff --git a/gas/testsuite/gas/arm/mve-scalar-vmul-it.d b/gas/testsuite/gas/arm/mve-scalar-vmul-it.d -new file mode 100644 -index 0000000..f4564a5 ---- /dev/null -+++ b/gas/testsuite/gas/arm/mve-scalar-vmul-it.d -@@ -0,0 +1,11 @@ -+# name: Armv8.1-M Mainline scalar vmul instructions in it blocks (with MVE) -+# as: -march=armv8.1-m.main+mve.fp+fp.dp -+# objdump: -dr --prefix-addresses --show-raw-insn -marmv8.1-m.main -+ -+.*: +file format .*arm.* -+ -+Disassembly of section .text: -+[^>]*> bfbc itt lt -+[^>]*> ee20 0a81 vmullt.f32 s0, s1, s2 -+[^>]*> ee21 0b02 vmullt.f64 d0, d1, d2 -+#... -diff --git a/gas/testsuite/gas/arm/mve-scalar-vmul-it.s b/gas/testsuite/gas/arm/mve-scalar-vmul-it.s -new file mode 100644 -index 0000000..e6c24ac ---- /dev/null -+++ b/gas/testsuite/gas/arm/mve-scalar-vmul-it.s -@@ -0,0 +1,5 @@ -+.syntax unified -+.text -+itt lt -+vmullt.f32 s0, s1, s2 -+vmullt.f64 d0, d1, d2 --- -1.8.3.1 - diff --git a/metag-uninitialized-memory-read.patch b/metag-uninitialized-memory-read.patch deleted file mode 100644 index 4644625c3a9d192383ead301e8ad164476c81215..0000000000000000000000000000000000000000 --- a/metag-uninitialized-memory-read.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 340f3ac8082771ecc473ab938fc3d7cbf607ddaa Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Fri, 20 Mar 2020 10:55:58 +1030 -Subject: [PATCH] metag uninitialized memory read - - * metag-dis.c (print_insn_metag): Don't ignore status from - read_memory_func. ---- - opcodes/metag-dis.c | 10 ++++++++-- - 1 files changed, 8 insertions(+), 2 deletions(-) - -diff --git a/opcodes/metag-dis.c b/opcodes/metag-dis.c -index f01dcba..b1cf633 100644 ---- a/opcodes/metag-dis.c -+++ b/opcodes/metag-dis.c -@@ -3364,9 +3364,15 @@ print_insn_metag (bfd_vma pc, disassemble_info *outf) - bfd_byte buf[4]; - unsigned int insn_word; - size_t i; -- outf->bytes_per_chunk = 4; -+ int status; - -- (*outf->read_memory_func) (pc & ~0x03, buf, 4, outf); -+ outf->bytes_per_chunk = 4; -+ status = (*outf->read_memory_func) (pc & ~0x03, buf, 4, outf); -+ if (status) -+ { -+ (*outf->memory_error_func) (status, pc, outf); -+ return -1; -+ } - insn_word = bfd_getl32 (buf); - - for (i = 0; i < sizeof(metag_optab)/sizeof(metag_optab[0]); i++) --- -1.8.3.1 - diff --git a/powerpc64-ld-infinite-loop.patch b/powerpc64-ld-infinite-loop.patch deleted file mode 100644 index ba90e32a66ec41da0aa26e4081a0828d40266899..0000000000000000000000000000000000000000 --- a/powerpc64-ld-infinite-loop.patch +++ /dev/null @@ -1,33 +0,0 @@ -From de9c1b7cfe6e57ea8b677dc2de06e83de50f47c2 Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Wed, 11 Mar 2020 14:43:16 +1030 -Subject: [PATCH] powerpc64-ld infinite loop - -If this code dealing with possible conversion of inline plt sequences -is ever executed, ld will hang. A binary with such sequences and of -code size larger than approximately 90% the reach of an unconditional -branch is the trigger. Oops. - - * elf64-ppc.c (ppc64_elf_inline_plt): Do increment rel in for loop. - -(cherry picked from commit 435edf0bf231240ccecb474b74ebb49dc8db2633) ---- - bfd/elf64-ppc.c | 2 +- - 1 files changed, 1 insertions(+), 1 deletion(-) - -diff --git a/bfd/elf64-ppc.c b/bfd/elf64-ppc.c -index 73ea286..bea722c 100644 ---- a/bfd/elf64-ppc.c -+++ b/bfd/elf64-ppc.c -@@ -7507,7 +7507,7 @@ ppc64_elf_inline_plt (struct bfd_link_info *info) - return FALSE; - - relend = relstart + sec->reloc_count; -- for (rel = relstart; rel < relend; ) -+ for (rel = relstart; rel < relend; rel++) - { - enum elf_ppc64_reloc_type r_type; - unsigned long r_symndx; --- -1.8.3.1 - diff --git a/readelf-leak-in-process_archive.patch b/readelf-leak-in-process_archive.patch deleted file mode 100644 index 5e8b55fd20b87818ffdb2196370226fb43a0b560..0000000000000000000000000000000000000000 --- a/readelf-leak-in-process_archive.patch +++ /dev/null @@ -1,283 +0,0 @@ -From 1cb7d8b1afc7c71cfacfe017e0692c9064bf9818 Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Thu, 19 Mar 2020 10:10:32 +1030 -Subject: [PATCH] readelf leak in process_archive - - * readelf.c (process_archive): Always return via path freeing - memory. Formatting. ---- - binutils/readelf.c | 166 +++++++++++++++++++++++++++++------------------------ - 1 files changed, 90 insertions(+), 76 deletions(-) - -diff --git a/binutils/readelf.c b/binutils/readelf.c -index c8ca66e..f76b9f6 100644 ---- a/binutils/readelf.c -+++ b/binutils/readelf.c -@@ -20256,49 +20256,58 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - if (do_archive_index) - { - if (arch.sym_table == NULL) -- error (_("%s: unable to dump the index as none was found\n"), filedata->file_name); -+ error (_("%s: unable to dump the index as none was found\n"), -+ filedata->file_name); - else - { - unsigned long i, l; - unsigned long current_pos; - -- printf (_("Index of archive %s: (%lu entries, 0x%lx bytes in the symbol table)\n"), -- filedata->file_name, (unsigned long) arch.index_num, arch.sym_size); -+ printf (_("Index of archive %s: (%lu entries, 0x%lx bytes " -+ "in the symbol table)\n"), -+ filedata->file_name, (unsigned long) arch.index_num, -+ arch.sym_size); - - current_pos = ftell (filedata->handle); - - for (i = l = 0; i < arch.index_num; i++) - { -- if ((i == 0) || ((i > 0) && (arch.index_array[i] != arch.index_array[i - 1]))) -- { -- char * member_name; -- -- member_name = get_archive_member_name_at (&arch, arch.index_array[i], &nested_arch); -+ if (i == 0 -+ || (i > 0 && arch.index_array[i] != arch.index_array[i - 1])) -+ { -+ char * member_name -+ = get_archive_member_name_at (&arch, arch.index_array[i], -+ &nested_arch); - -- if (member_name != NULL) -- { -- char * qualified_name = make_qualified_name (&arch, &nested_arch, member_name); -+ if (member_name != NULL) -+ { -+ char * qualified_name -+ = make_qualified_name (&arch, &nested_arch, -+ member_name); - -- if (qualified_name != NULL) -- { -- printf (_("Contents of binary %s at offset "), qualified_name); -+ if (qualified_name != NULL) -+ { -+ printf (_("Contents of binary %s at offset "), -+ qualified_name); - (void) print_vma (arch.index_array[i], PREFIX_HEX); - putchar ('\n'); -- free (qualified_name); -- } -+ free (qualified_name); -+ } - free (member_name); - } - } - - if (l >= arch.sym_size) - { -- error (_("%s: end of the symbol table reached before the end of the index\n"), -+ error (_("%s: end of the symbol table reached " -+ "before the end of the index\n"), - filedata->file_name); - ret = FALSE; - break; - } - /* PR 17531: file: 0b6630b2. */ -- printf ("\t%.*s\n", (int) (arch.sym_size - l), arch.sym_table + l); -+ printf ("\t%.*s\n", -+ (int) (arch.sym_size - l), arch.sym_table + l); - l += strnlen (arch.sym_table + l, arch.sym_size - l) + 1; - } - -@@ -20322,7 +20331,8 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - - if (fseek (filedata->handle, current_pos, SEEK_SET) != 0) - { -- error (_("%s: failed to seek back to start of object files in the archive\n"), -+ error (_("%s: failed to seek back to start of object files " -+ "in the archive\n"), - filedata->file_name); - ret = FALSE; - goto out; -@@ -20347,34 +20357,37 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - - /* Read the next archive header. */ - if (fseek (filedata->handle, arch.next_arhdr_offset, SEEK_SET) != 0) -- { -- error (_("%s: failed to seek to next archive header\n"), arch.file_name); -- return FALSE; -- } -+ { -+ error (_("%s: failed to seek to next archive header\n"), -+ arch.file_name); -+ ret = FALSE; -+ break; -+ } - got = fread (&arch.arhdr, 1, sizeof arch.arhdr, filedata->handle); - if (got != sizeof arch.arhdr) -- { -- if (got == 0) -+ { -+ if (got == 0) - break; - /* PR 24049 - we cannot use filedata->file_name as this will - have already been freed. */ - error (_("%s: failed to read archive header\n"), arch.file_name); - -- ret = FALSE; -- break; -- } -+ ret = FALSE; -+ break; -+ } - if (memcmp (arch.arhdr.ar_fmag, ARFMAG, 2) != 0) -- { -- error (_("%s: did not find a valid archive header\n"), arch.file_name); -- ret = FALSE; -- break; -- } -+ { -+ error (_("%s: did not find a valid archive header\n"), -+ arch.file_name); -+ ret = FALSE; -+ break; -+ } - - arch.next_arhdr_offset += sizeof arch.arhdr; - - archive_file_size = strtoul (arch.arhdr.ar_size, NULL, 10); - if (archive_file_size & 01) -- ++archive_file_size; -+ ++archive_file_size; - - name = get_archive_member_name (&arch, &nested_arch); - if (name == NULL) -@@ -20395,45 +20408,45 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - } - - if (is_thin_archive && arch.nested_member_origin == 0) -- { -- /* This is a proxy for an external member of a thin archive. */ -- Filedata * member_filedata; -- char * member_file_name = adjust_relative_path -+ { -+ /* This is a proxy for an external member of a thin archive. */ -+ Filedata * member_filedata; -+ char * member_file_name = adjust_relative_path - (filedata->file_name, name, namelen); - - free (name); -- if (member_file_name == NULL) -- { -+ if (member_file_name == NULL) -+ { - free (qualified_name); -- ret = FALSE; -- break; -- } -+ ret = FALSE; -+ break; -+ } - -- member_filedata = open_file (member_file_name); -- if (member_filedata == NULL) -- { -- error (_("Input file '%s' is not readable.\n"), member_file_name); -- free (member_file_name); -+ member_filedata = open_file (member_file_name); -+ if (member_filedata == NULL) -+ { -+ error (_("Input file '%s' is not readable.\n"), member_file_name); -+ free (member_file_name); - free (qualified_name); -- ret = FALSE; -- break; -- } -+ ret = FALSE; -+ break; -+ } - -- archive_file_offset = arch.nested_member_origin; -+ archive_file_offset = arch.nested_member_origin; - member_filedata->file_name = qualified_name; - -- if (! process_object (member_filedata)) -+ if (! process_object (member_filedata)) - ret = FALSE; - -- close_file (member_filedata); -- free (member_file_name); -+ close_file (member_filedata); -+ free (member_file_name); - free (qualified_name); -- } -+ } - else if (is_thin_archive) -- { -- Filedata thin_filedata; -+ { -+ Filedata thin_filedata; - -- memset (&thin_filedata, 0, sizeof (thin_filedata)); -+ memset (&thin_filedata, 0, sizeof (thin_filedata)); - - /* PR 15140: Allow for corrupt thin archives. */ - if (nested_arch.file == NULL) -@@ -20447,35 +20460,36 @@ process_archive (Filedata * filedata, bfd_boolean is_thin_archive) - } - free (name); - -- /* This is a proxy for a member of a nested archive. */ -- archive_file_offset = arch.nested_member_origin + sizeof arch.arhdr; -+ /* This is a proxy for a member of a nested archive. */ -+ archive_file_offset = arch.nested_member_origin + sizeof arch.arhdr; - -- /* The nested archive file will have been opened and setup by -- get_archive_member_name. */ -- if (fseek (nested_arch.file, archive_file_offset, SEEK_SET) != 0) -- { -- error (_("%s: failed to seek to archive member.\n"), nested_arch.file_name); -+ /* The nested archive file will have been opened and setup by -+ get_archive_member_name. */ -+ if (fseek (nested_arch.file, archive_file_offset, SEEK_SET) != 0) -+ { -+ error (_("%s: failed to seek to archive member.\n"), -+ nested_arch.file_name); - free (qualified_name); -- ret = FALSE; -- break; -- } -+ ret = FALSE; -+ break; -+ } - - thin_filedata.handle = nested_arch.file; - thin_filedata.file_name = qualified_name; - -- if (! process_object (& thin_filedata)) -+ if (! process_object (& thin_filedata)) - ret = FALSE; -- } -+ } - else -- { -+ { - free (name); -- archive_file_offset = arch.next_arhdr_offset; -- arch.next_arhdr_offset += archive_file_size; -+ archive_file_offset = arch.next_arhdr_offset; -+ arch.next_arhdr_offset += archive_file_size; - - filedata->file_name = qualified_name; -- if (! process_object (filedata)) -+ if (! process_object (filedata)) - ret = FALSE; -- } -+ } - - free (qualified_name); - } --- -1.8.3.1 -