From 6b3468b459169cab19b66e496518d6d556c0ecf7 Mon Sep 17 00:00:00 2001
From: linzhuorong
Date: Mon, 5 Dec 2022 06:54:58 +0000
Subject: [PATCH] [Backport] libdwfl: Fix overflow check in link_map.c read_addrs
Signed-off-by: linzhuorong
---
 ...rflow-check-in-link_map.c-read_addrs.patch | 32 +++++++++++++++++++
 elfutils.spec | 9 +++++-
 2 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 backport-libdwfl-Fix-overflow-check-in-link_map.c-read_addrs.patch
diff --git a/backport-libdwfl-Fix-overflow-check-in-link_map.c-read_addrs.patch b/backport-libdwfl-Fix-overflow-check-in-link_map.c-read_addrs.patch
new file mode 100644
index 0000000..b64056b
--- /dev/null
+++ b/backport-libdwfl-Fix-overflow-check-in-link_map.c-read_addrs.patch
@@ -0,0 +1,32 @@
+From 394cbe87c349b180a8b2aa4b0868698469d6de95 Mon Sep 17 00:00:00 2001
+From: Mark Wielaard
+Date: Thu, 6 Jan 2022 16:44:56 +0100
+Subject: [PATCH] libdwfl: Fix overflow check in link_map.c read_addrs
+
+The buffer_available overflow check wasn't complete. Also check nb
+isn't too big.
+
+https://sourceware.org/bugzilla/show_bug.cgi?id=28720
+
+Signed-off-by: Mark Wielaard
+---
+ libdwfl/link_map.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libdwfl/link_map.c b/libdwfl/link_map.c
+index 0d8d1c1..e7c4173 100644
+--- a/libdwfl/link_map.c
++++ b/libdwfl/link_map.c
+@@ -256,7 +256,8 @@ read_addrs (struct memory_closure *closure,
+ /* Read a new buffer if the old one doesn't cover these words. */
+ if (buffer == NULL
+ || vaddr < *read_vaddr
+- || vaddr - (*read_vaddr) + nb > *buffer_available)
++ || nb > *buffer_available
++ || vaddr - (*read_vaddr) > *buffer_available - nb)
+ {
+ release_buffer (closure, buffer, buffer_available, 0);
+
+--
+2.12.3
+
diff --git a/elfutils.spec b/elfutils.spec
index 8020437..284b920 100644
--- a/elfutils.spec
+++ b/elfutils.spec
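Review bot: The two conditions added to read_addrs in the backported libdwfl/link_map.c patch are only safe in the order written, and nothing in the code records that. `nb > *buffer_available` has to be evaluated first so that `*buffer_available - nb` on the following line cannot wrap, presumably because both are unsigned sizes, which the hunk does not show. A short comment above the new lines, for example `/* Test nb first so the subtraction below cannot underflow. */`, would stop a later reordering or merge of the two tests from bringing back the incomplete check the commit message describes. The body of read_addrs continues outside the hunk, so how the buffer is refilled after release_buffer, and whether the fresh buffer is checked against nb, cannot be confirmed from here.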
@@ -1,7 +1,7 @@
 # -*- rpm-spec from http://elfutils.org/ -*-
 Name: elfutils
 Version: 0.185
-Release: 16
+Release: 17
 Summary: A collection of utilities and DSOs to handle ELF files and DWARF data
 URL: http://elfutils.org/
 License: GPLv3+ and (GPLv2+ or LGPLv3+)
@@ -14,6 +14,7 @@ Patch3: Fix-issue-of-moving-files-by-ar-or-br.patch
 Patch4: Get-instance-correctly-for-eu-ar-N-option.patch
 Patch5: backport-readelf-Handle-DW_LLE_GNU_view_pair.patch
 Patch6: elfutils-Add-sw64-architecture.patch
+Patch7: backport-libdwfl-Fix-overflow-check-in-link_map.c-read_addrs.patch
 Provides: elfutils-libelf elfutils-default-yama-scope default-yama-scope elfutils-libs
 Obsoletes: elfutils-libelf < %{version}-%{release} elfutils-default-yama-scope < %{version}-%{release} elfutils-libs < %{version}-%{release}
@@ -266,6 +267,12 @@ exit 0
 %systemd_postun_with_restart debuginfod.service
 %changelog
+* Mon Dec 5 2022 linzhuorong - 0.185-17
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC:libdwfl: Fix overflow check in link_map.c read_addrs
+
 * Thu Dec 1 2022 wuzx - 0.185-16
 - Type:feature
 - CVE:NA
--
Gitee