From 8f4765116823ad08e72301f75ede89e24043c304 Mon Sep 17 00:00:00 2001
From: fly_fzc <2385803914@qq.com>
Date: Fri, 1 Sep 2023 12:06:35 +0800
Subject: [PATCH] Fix segfault in eu-ar -m and Use upstream patch for Fix error of parsing object file perms
---
Fix-segfault-in-eu-ar-m.patch | 34 +++++++++++++++
...ectly-decode-ar_mode-as-octal-string.patch | 42 +++++++++++++------
elfutils.spec | 12 +++++-
3 files changed, 74 insertions(+), 14 deletions(-)
create mode 100644 Fix-segfault-in-eu-ar-m.patch
rename Fix-error-of-parsing-object-file-perms.patch => backport-libelf-Correctly-decode-ar_mode-as-octal-string.patch (38%)
diff --git a/Fix-segfault-in-eu-ar-m.patch b/Fix-segfault-in-eu-ar-m.patch
new file mode 100644
index 0000000..9667644
--- /dev/null
+++ b/Fix-segfault-in-eu-ar-m.patch
@@ -0,0 +1,34 @@
+From 7170b990d3dc3974b8e670b3c0e4ca6dcc20c853 Mon Sep 17 00:00:00 2001
+From: xiezhipeng
+Date: Wed, 8 Dec 2021 09:47:36 +0800
+Subject: [PATCH] fix segfault in eu-ar -m
+
+Fix segfaultineu-ar-m.
+
+---
+ src/ar.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/ar.c b/src/ar.c
+index ab6098f..ed5fe2f 100644
+--- a/src/ar.c
++++ b/src/ar.c
+@@ -1159,6 +1159,7 @@ do_oper_insert (int oper, const char *arfname, char **argv, int argc,
+ goto next;
+
+ struct armem *newp = alloca (sizeof (struct armem));
++ memset (newp, '\0', sizeof(struct armem));
+ newp->old_off = elf_getaroff (subelf);
+ newp->size = arhdr->ar_size;
+ newp->sec = arhdr->ar_date;
+@@ -1251,6 +1252,7 @@ do_oper_insert (int oper, const char *arfname, char **argv, int argc,
+ if (found[cnt] == NULL)
+ {
+ found[cnt] = alloca (sizeof (struct armem));
++ memset (found[cnt], '\0', sizeof(struct armem));
+ found[cnt]->old_off = -1;
+
+ remember_long_name (found[cnt], bname, bnamelen);
+--
+2.27.0
+
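Review bot: The two added `memset` calls in the nested src/ar.c hunks carry no explanation: the inner patch description is only "Fix segfaultineu-ar-m.", and neither hunk says which `struct armem` member was being read from uninitialised `alloca` storage. A one-line comment above each call would record the reason, for example `/* alloca memory is uninitialised; zero it so members not assigned below are never read as stack garbage. */`. The new lines also write `sizeof(struct armem)` without the space that the neighbouring `alloca (sizeof (struct armem))` lines use, and they name the type rather than the object; `memset (newp, 0, sizeof *newp);` and `memset (found[cnt], 0, sizeof *found[cnt]);` keep the size tied to the pointer. do_oper_insert starts and ends outside both hunks, so which members stay unassigned cannot be confirmed from here.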
diff --git a/Fix-error-of-parsing-object-file-perms.patch b/backport-libelf-Correctly-decode-ar_mode-as-octal-string.patch similarity index 38% rename from Fix-error-of-parsing-object-file-perms.patch rename to backport-libelf-Correctly-decode-ar_mode-as-octal-string.patch index cf487ab..6f2513d 100644 --- a/Fix-error-of-parsing-object-file-perms.patch +++ b/backport-libelf-Correctly-decode-ar_mode-as-octal-string.patch @@ -1,21 +1,37 @@ -From 9e18fcfeb2c8ff471c11da58b05215e219be20fd Mon Sep 17 00:00:00 2001 -From: yixiangzhike -Date: Tue, 16 Aug 2022 09:49:35 +0800 -Subject: [PATCH] fix error of parsing object file perms +From ee188125b10d1588a0536af033d7b7b1bbbaafaf Mon Sep 17 00:00:00 2001 +From: Mark Wielaard +Date: Sun, 28 Aug 2022 19:51:13 +0200 +Subject: [PATCH] libelf: Correctly decode ar_mode as octal string +ar_mode is encoded as an octal ascii string, not decimal. Add a new +OCT_FIELD macro to decode it. + +https://sourceware.org/bugzilla/show_bug.cgi?id=28729 + +Signed-off-by: Mark Wielaard --- - libelf/elf_begin.c | 20 +++++++++++++++++++- - 1 file changed, 19 insertions(+), 1 deletion(-) + libelf/elf_begin.c | 25 +++++++++++++++++++++++-- + 1 files changed, 23 insertions(+), 2 deletions(-) diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c -index 17d9b1f..581d8ef 100644 +index 17d9b1f3..71eb3594 100644 --- a/libelf/elf_begin.c 
+++ b/libelf/elf_begin.c -@@ -997,10 +997,28 @@ __libelf_next_arhdr_wrlock (Elf *elf) +@@ -977,7 +977,8 @@ __libelf_next_arhdr_wrlock (Elf *elf) + atoll depending on the size of the types. We are also prepared + for the case where the whole field in the `struct ar_hdr' is + filled in which case we cannot simply use atol/l but instead have +- to create a temporary copy. */ ++ to create a temporary copy. Note that all fields use decimal ++ encoding, except ar_mode which uses octal. */ + + #define INT_FIELD(FIELD) \ + do \ +@@ -997,10 +998,30 @@ __libelf_next_arhdr_wrlock (Elf *elf) } \ while (0) -+#define INT_FIELD_HN(FIELD, HN) \ ++#define OCT_FIELD(FIELD) \ + do \ + { \ + char buf[sizeof (ar_hdr->FIELD) + 1]; \ @@ -27,9 +43,11 @@ index 17d9b1f..581d8ef 100644 + string = buf; \ + } \ + if (sizeof (elf_ar_hdr->FIELD) <= sizeof (long int)) \ -+ elf_ar_hdr->FIELD = (__typeof (elf_ar_hdr->FIELD)) strtol (string, NULL, HN); \ ++ elf_ar_hdr->FIELD \ ++ = (__typeof (elf_ar_hdr->FIELD)) strtol (string, NULL, 8); \ + else \ -+ elf_ar_hdr->FIELD = (__typeof (elf_ar_hdr->FIELD)) strtoll (string, NULL, HN); \ ++ elf_ar_hdr->FIELD \ ++ = (__typeof (elf_ar_hdr->FIELD)) strtoll (string, NULL, 8); \ + } \ + while (0) + @@ -37,7 +55,7 @@ index 17d9b1f..581d8ef 100644 INT_FIELD (ar_uid); INT_FIELD (ar_gid); - INT_FIELD (ar_mode); -+ INT_FIELD_HN (ar_mode, 8); ++ OCT_FIELD (ar_mode); INT_FIELD (ar_size); if (elf_ar_hdr->ar_size < 0) diff --git a/elfutils.spec b/elfutils.spec index 154a920..8801680 100644 --- a/elfutils.spec +++ b/elfutils.spec 
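Review bot: `OCT_FIELD` stores whatever `strtol (string, NULL, 8)` or `strtoll (string, NULL, 8)` returns, so an `ar_mode` field that is empty or holds non-octal characters silently decodes to 0, or to the digits before the first bad character, instead of being rejected. The archive header is file-supplied data, so it would be worth passing an end pointer and checking it, e.g. `char *end; long v = strtol (string, &end, 8);` and treating `end == string` as an invalid header. How `__libelf_next_arhdr_wrlock` reports a bad header is outside these hunks, so the error path would have to follow whatever the function already does. Because this file is a backport of the upstream commit named in its header, the check is better proposed upstream than carried as a local divergence.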
@@ -1,17 +1,18 @@ # -*- rpm-spec from http://elfutils.org/ -*- Name: elfutils Version: 0.180 -Release: 14 +Release: 15 Summary: A collection of utilities and DSOs to handle ELF files and DWARF data URL: http://elfutils.org/ License: GPLv3+ and (GPLv2+ or LGPLv3+) Source: ftp://sourceware.org/pub/elfutils/%{version}/elfutils-%{version}.tar.bz2 Patch0: backport-elfclassify-Fix-no-stdin-flag.patch -Patch1: Fix-error-of-parsing-object-file-perms.patch +Patch1: backport-libelf-Correctly-decode-ar_mode-as-octal-string.patch Patch2: Fix-issue-of-moving-files-by-ar-or-br.patch Patch3: Get-instance-correctly-for-eu-ar-N-option.patch Patch4: backport-CVE-2021-33294-readelf-Sanity-check-verneed-and-verdef-offsets-in-h.patch +Patch5: Fix-segfault-in-eu-ar-m.patch Provides: elfutils-libelf elfutils-default-yama-scope default-yama-scope elfutils-libs Obsoletes: elfutils-libelf < %{version}-%{release} elfutils-default-yama-scope < %{version}-%{release} elfutils-libs < %{version}-%{release} @@ -257,6 +258,13 @@ exit 0 %systemd_postun_with_restart debuginfod.service %changelog +* Fri Sep 01 2023 fuanan - 0.180-15 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:Fix segfault in eu-ar -m + Use upstream patch for Fix error of parsing object file perms + * Wed Jul 19 2023 fuanan - 0.180-14 - Type:CVE - ID:CVE-2021-33294 -- Gitee