From 275140f9459ed0cff7b1772a08e490deebfbdd36 Mon Sep 17 00:00:00 2001
From: wula <jintang.song@epro.com.cn>
Date: Fri, 27 May 2022 11:15:32 +0800
Subject: [PATCH] fix CVE-2019-12972

---
 CVE-2019-12972.patch | 24 ++++++++++++++++++++++++
 mingw-binutils.spec  |  7 +++++--
 2 files changed, 29 insertions(+), 2 deletions(-)
 create mode 100644 CVE-2019-12972.patch

diff --git a/CVE-2019-12972.patch b/CVE-2019-12972.patch
new file mode 100644
index 0000000..52efccc
--- /dev/null
+++ b/CVE-2019-12972.patch
@@ -0,0 +1,24 @@
+diff -Naru binutils-2.32/bfd/ChangeLog binutils-2.32-new/bfd/ChangeLog
+--- binutils-2.32/bfd/ChangeLog	2019-02-03 00:00:31.000000000 +0800
++++ binutils-2.32-new/bfd/ChangeLog	2022-05-27 09:43:36.167147000 +0800
+@@ -1,3 +1,7 @@
++2019-06-21  Alan Modra  <amodra@gmail.com>
++	    PR 24689
++	    * elfcode.h (elf_object_p): Check type of e_shstrndx section
++
+ 2019-02-02  Nick Clifton  <nickc@redhat.com>
+ 
+ 	2.32 Release
+diff -Naru binutils-2.32/bfd/elfcode.h binutils-2.32-new/bfd/elfcode.h
+--- binutils-2.32/bfd/elfcode.h	2019-01-20 00:01:33.000000000 +0800
++++ binutils-2.32-new/bfd/elfcode.h	2022-05-27 09:40:46.257579000 +0800
+@@ -755,7 +755,8 @@
+   /* A further sanity check.  */
+   if (i_ehdrp->e_shnum != 0)
+     {
+-      if (i_ehdrp->e_shstrndx >= elf_numsections (abfd))
++      if (i_ehdrp->e_shstrndx >= elf_numsections (abfd)
++         || i_shdrp[i_ehdrp->e_shstrndx].sh_type != SHT_STRTAB)	
+ 	{
+ 	  /* PR 2257:
+ 	     We used to just goto got_wrong_format_error here
diff --git a/mingw-binutils.spec b/mingw-binutils.spec
index f8322e7..fa8dfc2 100644
--- a/mingw-binutils.spec
+++ b/mingw-binutils.spec
@@ -2,7 +2,7 @@
 
 Name:           mingw-binutils
 Version:        2.32
-Release:        7%{?dist}
+Release:        8%{?dist}
 Summary:        Cross-compiled version of binutils for Win32 and Win64 environments
 
 License:        GPLv2+ and LGPLv2+ and GPLv3+ and LGPLv3+
@@ -158,7 +158,7 @@ Patch100:       0001-Plugin-target-handling.patch
 # Backport https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=patch;h=2219ae0b0ebe14373850b000c2abaa31dab1d741
 # Fixes an LTO issue (#1475237)
 Patch101:         binutils_24267.patch
-
+Patch102:         CVE-2019-12972.patch
 BuildRequires:  gcc
 BuildRequires:  flex
 BuildRequires:  bison
@@ -399,5 +399,8 @@ rm -rf $RPM_BUILD_ROOT/multilib
 
 
 %changelog
+* Thur May 27 2022 Jintang Song<jintang.song@epro.com.cn>- 2.32-8
+- Fix CVE-2019-12972.patch
+
 * Thu Oct 08 2020 Zhiyi Weng <zhiyi@iscas.ac.cn> - 2.32-7
 - Initial version
-- 
Gitee