diff --git a/backport-CVE-2022-48064.patch b/backport-CVE-2022-48064.patch
new file mode 100644
index 0000000000000000000000000000000000000000..16ac13de9a2e4ad26d23bb931feb4e2e884d4f7b
--- /dev/null
+++ b/backport-CVE-2022-48064.patch
@@ -0,0 +1,55 @@
+From 8f2c64de86bc3d7556121fe296dd679000283931 Mon Sep 17 00:00:00 2001
+From: Alan Modra
+Date: Tue, 20 Dec 2022 23:47:03 +1030
+Subject: [PATCH] PR29922, SHT_NOBITS section avoids section size sanity check
+
+ PR 29922
+ * dwarf2.c (find_debug_info): Ignore sections without
+ SEC_HAS_CONTENTS.
+
+Reference:https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8f2c64de86bc3d7556121fe296dd679000283931
+Conflict:NA
+---
+ bfd/dwarf2.c | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
+index 95f45708e9d..0cd8152ee6e 100644
+--- a/bfd/dwarf2.c
++++ b/bfd/dwarf2.c
+@@ -4831,16 +4831,19 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections,
+ {
+ look = debug_sections[debug_info].uncompressed_name;
+ msec = bfd_get_section_by_name (abfd, look);
+- if (msec != NULL)
++ /* Testing SEC_HAS_CONTENTS is an anti-fuzzer measure. Of
++ course debug sections always have contents. */
++ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0)
+ return msec;
+
+ look = debug_sections[debug_info].compressed_name;
+ msec = bfd_get_section_by_name (abfd, look);
+- if (msec != NULL)
++ if (msec != NULL && (msec->flags & SEC_HAS_CONTENTS) != 0)
+ return msec;
+
+ for (msec = abfd->sections; msec != NULL; msec = msec->next)
+- if (startswith (msec->name, GNU_LINKONCE_INFO))
++ if ((msec->flags & SEC_HAS_CONTENTS) != 0
++ && startswith (msec->name, GNU_LINKONCE_INFO))
+ return msec;
+
+ return NULL;
+@@ -4848,6 +4851,9 @@ find_debug_info (bfd *abfd, const struct dwarf_debug_section *debug_sections,
+
+ for (msec = after_sec->next; msec != NULL; msec = msec->next)
+ {
++ if ((msec->flags & SEC_HAS_CONTENTS) == 0)
++ continue;
++
+ look = debug_sections[debug_info].uncompressed_name;
+ if (strcmp (msec->name, look) == 0)
+ return msec;
+--
+2.33.0
+
diff --git a/gdb.spec b/gdb.spec
index 926ed7b18f71434dede1294e5aeda9b8d4a06297..676ad02dc86709047f79a18976442bf4c1e2c761 100644
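Review bot: The rationale comment is attached only to the first `SEC_HAS_CONTENTS` test in the `-4831` hunk of bfd/dwarf2.c, while the `continue` added at the top of the `after_sec` loop in the `-4848` hunk has none, and that is the check a later reader is most likely to take for dead code given the comment's own remark that debug sections always have contents. I would put a short comment above it, for example `/* As above: never return a section without SEC_HAS_CONTENTS (e.g. SHT_NOBITS) as debug info.  */`. The loop body continues past the end of that hunk, so the assumption that the `continue` also covers the remaining name comparisons rests on its position at the top of the loop rather than on visible lines. Separately, the index line and hunk offsets appear to be carried over from the upstream commit, so it is worth confirming in the build log that the patch applies to the 11.1 tree without fuzz, since `Conflict:NA` is the only statement of that on this page.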
--- a/gdb.spec
+++ b/gdb.spec
@@ -1,6 +1,6 @@
 Name: gdb
 Version: 11.1
-Release: 9
+Release: 10
 License: GPLv3+ and GPLv3+ with exceptions and GPLv2+ and GPLv2+ with exceptions and GPL+ and LGPLv2+ and LGPLv3+ and BSD and Public Domain and GFDL-1.3
 Source: ftp://sourceware.org/pub/gdb/releases/gdb-%{version}.tar.xz
@@ -106,6 +106,7 @@ Patch87: 0005-gdb-Add-LoongArch-clfs-system.patch
 Patch88: backport-CVE-2023-39128.patch
 Patch89: backport-CVE-2023-39129.patch
 Patch90: backport-CVE-2023-39130.patch
+Patch91: backport-CVE-2022-48064.patch
 %global gdb_src gdb-%{version}
 %global gdb_build build-%{_target_platform}
@@ -382,6 +383,9 @@ rm -f $RPM_BUILD_ROOT%{_datadir}/gdb/python/gdb/command/backtrace.py
 %{_infodir}/gdb.info*
 %changelog
+* Mon Jul 14 2025 wangxiao - 11.1-10
+- fix CVE-2022-48064
+
 * Wed Jun 12 2024 wangxiao - 11.1-9
 - modify gdb-help package's license GFDL to GFDL-1.3-or-later
diff --git a/v1.5-libipt-static.patch b/v1.5-libipt-static.patch
deleted file mode 100644
index 69e1d1a1cd18730dd6075d82fd248becb6414a06..0000000000000000000000000000000000000000
--- a/v1.5-libipt-static.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-Index: processor-trace-2.0/libipt/src/posix/init.c
-===================================================================
---- processor-trace-2.0.orig/libipt/src/posix/init.c
-+++ processor-trace-2.0/libipt/src/posix/init.c
-@@ -29,7 +29,7 @@
- #include "pt_ild.h"
-
-
--static void __attribute__((constructor)) init(void)
-+void __libipt_init(void)
- {
- /* Initialize the Intel(R) Processor Trace instruction decoder. */
- pt_ild_init();