Pick commit per NVD CVE report.
Note that there were two patches for this, first [1] and then [2].
The second patch moved the original patch to different location.
Cherry-pick of second patch is successful leaving out the code removing
the code from first location, so the patch attached here is not
identical to the upstream commit but is identical to applying both and
merging them to a single patch.
[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=1108620d7a521f1c85d2f629031ce0fbae14e331
[2] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=72efdf166aa0ed72ecc69fc2349af6591a7a19c0
(From OE-Core rev: 98df728e6136d04af0f4922b7ffbeffb704de395)
(From OE-Core rev: b220cccdab44bc707d2c934a3ea81d20b67d14b0)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE: CVE-2025-8225
It is possible with fuzzed files to have num_debug_info_entries zero
after allocating space for debug_information, leading to multiple
allocations.
* dwarf.c (process_debug_info): Don't test num_debug_info_entries
to determine whether debug_information has been allocated,
test alloc_num_debug_info_entries.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4]
(From OE-Core rev: 7feed679262025b8405488d064e2c546a3ed7a0c)
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE: CVE-2025-11081
Trying to dump .sframe in a PE file results in a segfault accessing
elf_section_data.
* objdump (dump_sframe_section, dump_dwarf_section): Don't access
elf_section_type without first checking the file is ELF.
PR 33406 SEGV in dump_dwarf_section
[https://sourceware.org/bugzilla/show_bug.cgi?id=33406]
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=f87a66db645caf8cc0e6fc87b0c28c78a38af59b]
(From OE-Core rev: 6ed800208a56d69faf4a1b3458caa8d412f01b89)
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick patch per link in NVD report.
(From OE-Core rev: 155a93a0e0ea52316567b0eaea37b8da4c80d7be)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Pick patch per link in NVD report.
(From OE-Core rev: fe40f3c025d31b262582e0ec9e7b688ae82ee0e6)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
objcopy: Don't extend the output section size
Since the output section contents are copied from the input, don't
extend the output section size beyond the input section size.
Backport a patch from upstream to fix CVE-2025-7545
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944]
(From OE-Core rev: 128e40c39d8eafdd32fea71b902b38801afec202)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commit on binutils-2.42 stable branch are updated.
x86: Check MODRM for call and jmp in binutils older than 2.45
Test Results:
Before After Diff
No. of expected passes 302 302 0
No. of unexpected failures 2 2 0
No. of untested testcases 1 1 0
No. of unsupported tests 7 7 0
Testing was done and there were no regressions found
(From OE-Core rev: 412def8923a89f3c385eae25901bed0c07859029)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
PR32858 ld segfault on fuzzed object
We missed one place where it is necessary to check for empty groups.
Backport a patch from upstream to fix CVE-2025-5244
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=d1458933830456e54223d9fc61f0d9b3a19256f5]
(From OE-Core rev: 31fc180f606c5bb141c9c6dd85a7b1d876e1d692)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
PR32829, SEGV on objdump function debug_type_samep
u.kenum is always non-NULL, see debug_make_enum_type.
Backport a patch from upstream to fix CVE-2025-5245
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a]
(From OE-Core rev: 8202e66670327b02ec3de18b5af4a8b09abdc50d)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
CVE-2025-1180 is fixed with patch from CVE-2025-1176.
More details about CVE is here: https://nvd.nist.gov/vuln/detail/CVE-2025-1179
(From OE-Core rev: 9c63f1c73426532a94f01fbbe26c9f52a3c4fdf7)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commit on binutils-2.42 stable branch is updated.
6558f9f5f0c s390: Add support for z17 as CPU name
Testing was done and there were no regressions found
(From OE-Core rev: 08d6ca500e6dd571f5882f82f6ad804bd2eec8c8)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
During the execution of the command: i686-w64-mingw32-dlltool
--input-def $def_filepath --output-delaylib $filepath --dllname qemu.exe
An error occurred:
i686-w64-mingw32-dlltool: failed to open temporary head file: ..._w64_mingw32_nativesdk_qemu_8_2_2_build_plugins_libqemu_plugin_api_a_h.s
Due to the path length exceeding the Linux system's file name length
limit (NAME_MAX=255), the temporary file name generated by the
i686-w64-mingw32-dlltool command becomes too long to open. To address
this, a new temporary file name prefix is generated using tmp_prefix =
prefix_encode ("d", getpid()), ensuring that the file name does not
exceed the system's length limit.
Allow for "snnnnn.o" suffix when testing against NAME_MAX, and tidy
TMP_STUB handling by overwriting a prior nnnnn.o string rather than
copying the entire name.
(From OE-Core rev: 617df4ee1d6523ded43f156af8206dfca2c0c8ee)
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commits on binutils-2.42 stable branch are updated.
758a2290dbd PR32387 ppc64 TLS optimization bug with -fno-plt code
ed489bf1574 s390: Add arch15 Concurrent-Functions Facility insns
64e8e16a906 s390: Add arch15 instruction names
Tested on qemux86_64.
There were no additional PASS or FAIL after the update
(From OE-Core rev: 6ce232df15834cae44f3eda0f786132086afb76e)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
A buffer overflow vulnerability exists in GNU Binutils’ objdump utility
when processing tekhex format files. The vulnerability occurs in the
Binary File Descriptor (BFD) library’s tekhex parser during format identification.
Specifically, the issue manifests when attempting to read 8 bytes at an address
that precedes the global variable ‘_bfd_std_section’, resulting in an out-of-bounds read.
Backport a patch from upstream to fix CVE-2024-53589.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=e0323071916878e0634a6e24d8250e4faff67e88]
(From OE-Core rev: 15635eb807ea1cbf0fd04e0cbe9cf169df107a05)
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commits on binutils-2.42 stable branch are updated.
09ba78f0513 LoongArch: ld:Report an error when seeing an unrecognized relocation
00abcf39930 s390: Add arch15 instructions
caf72067a77 s390: Relax risbg[n]z, risb{h|l}gz, {rns|ros|rxs}bgt operand constraints
543a22c7ee3 s390: Simplify (dis)assembly of insn operands with const bits
7c94c87d463 s390: Align opcodes to lower-case
fffb4fae823 s390: Flag conditional branch relative insns as condjump
2d238ecbe50 s390: Use proper string lengths when parsing opcode table flags
10d0dd2ba2b s390: Whitespace fixes in conditional branch flavor descriptions
10a143e273c LoongArch: Add elfNN_loongarch_mkobject to initialize LoongArch tdata
9055fbe5ffb LoongArch: The symbol got type can only be obtained after initialization
Tested on qemux86_64.
There were no additional PASS or FAIL after the update
(From OE-Core rev: 312c522787e72fffb9eb1b49e97aeaf24db27d2d)
Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
In SDK, missing perl modules causes 'x86_64-pokysdk-linux-gp-display-html --help' to abort with below errors..
- Can't locate bignum.pm in @INC (you may need to install the feature module).
- Can't locate Math/BigInt.pm in @INC (you may need to install the Math::BigInt module)
By adding the following perl modules to RDEPENDS fixes the above errors:
nativesdk-perl-module-bignum
nativesdk-perl-module-bigint
nativesdk-perl-module-math-bigint
(patch taken to master branch with following commit id: 05f1099acbbb10b6ce33ea117d313749f7dc4a47)
(From OE-Core rev: a1317e52260eed9961291d461e48a4915ffc36bc)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commits on binutils-2.42 stable branch are updated.
8a6764d35e5 libctf: fix ref leak of names of newly-inserted non-root-visible types
d9ddfab9be2 ld: Move foo before delete in dl5.cc
3e92ae5088c ld: Avoid folding new and delete pairs
Results before updates as below:
No. of expected passes 302
No. of unexpected failures 2
No. of untested testcases 1
No. of unsupported tests 7
Results after updates as below:
No. of expected passes 302
No. of unexpected failures 2
No. of untested testcases 1
No. of unsupported tests 7
(From OE-Core rev: cfa318fd4a0a6bfa9899a366189ef6a75f000770)
Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Below commits on binutils-2.42 stable branch are updated.
29ae8b8ea71 x86-64: Skip -z mark-plt tests on MUSL
92cc764e58f hppa: Fix handling of relocations that apply to data
c439c1e1f56 elf: Add glibc version dependency only if needed
68ae8e2a849 ld: pass -g for ld-elf tests
a1e3cb45c67 aarch64: Enable +cssc for armv8.9-a
(From OE-Core rev: f5a56716b40bb8911e5bb31d5dc49b434e733a9a)
Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Code backported from binutils development tree.
aarch64: Remove asserts from operand qualifier decoders [PR31595]
Given that the disassembler should never abort when decoding
(potentially random) data, assertion statements in the
`get_*reg_qualifier_from_value' function family prove problematic.
...
(From OE-Core rev: 3b070fc3963d04ce8c13b5b78c3b7ae95e26c435)
Signed-off-by: Mark Hatle <mark.hatle@amd.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 00f3d8495a1d8fe44336b53c5a9d9a5f8a8d5664)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
In SDK, The "x86_64-pokysdk-linux-gp-display-html" fails with below error while genearting profiling html reports from test experiment file (eg., test.1.er)
Error: Undefined subroutine &bigint::hex called at .../sysroots/x86_64-pokysdk-linux/usr/bin/x86_64-pokysdk-linux-gp-display-html line 4059, <MAP_XML> line 1.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=3243d790ee32aa8eda69226d81b1e79dbd1dcd87]
(From OE-Core rev: b1f08a3d6a5e91619fb448e067a3d542eb130fcc)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Set CVE_STATUS as none of the issues apply against the versions
used in the recipes.
(From OE-Core rev: cea8c8bf73e84133f566d1c2ca0637494f2d7afe)
Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Below commits on binutils-2.41 stable branch are updated.
eb49941e7e1 Gold/MIPS: Add targ_extra_size=64 for mips32 triples
c27eff41737 Gold/MIPS: Use EM_MIPS instead of EM_MIPS_RS3_LE for little endian
7fe76f02413 x86-64: fix suffix-less PUSH of symbol address
(From OE-Core rev: 580119844fd93eb7bbc778722a6117a31b7c1591)
Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Otherwise this can be used from the host leading to output determinism issues
where the output may have zero length files for man pages without it.
Limit it to target only since we don't need this for native/cross.
(From OE-Core rev: 77f615fd49efe4b38db030c602eff709e3bc0f14)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In some cases we need to pass the linker arguments to the linker, particularly when
the default in LD differs to that which gcc and our compiler flags are using (mips
defaults to 32 bit). Ensure these are passed in.
(From OE-Core rev: 0243af31f404f0b9187cebef192e626e290ead49)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit f72fd51e0d (binutils: package static libs from gprofng) added
corresponding FILES:${PN}-staticdev entry to the main .bb recipe.
But binutils-cross-canadian fails with exactly the same QA issue,
hence move FILES:${PN}-staticdev to the common shared .inc file.
(From OE-Core rev: 75beddd33e132333c36ad067e2cf90edffeb5bf5)
Signed-off-by: Denys Dmytriyenko <denys@konsulko.com>
Signed-off-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Backport a patch from upstream to fix CVE-2023-1972.
(From OE-Core rev: 10d63933e3a30bfac2f6cec896460c22e04baadd)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* fixes:
ERROR: binutils-2.40-r0 do_package: QA Issue: binutils: Files/directories were installed but not shipped in any package:
/usr/lib/gprofng/libgp-collectorAPI.a
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
binutils: 1 installed and not shipped files. [installed-vs-shipped]
(From OE-Core rev: ab6ae4b715143364288ba164f8ab5c3cd7f486ae)
(From OE-Core rev: f72fd51e0da100e7ed90992225688bf43e2a69b6)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Rebase existing patches
- Drop 0014-configure-remove-dependencies-on-gmp-and-mpfr-when-g.patch
which is already in
- Correct packaging path to libgprofng.so
- Below commits on binutils-2.40 stable branch are updated.
4671be001eb Updated Hungarian translation for the gprof directory
ded035f913e lto: Don't add indirect symbols for versioned aliases in IR
74cb2ddeabc gas: arm: Change warning message to not reference specific A-class architecture revision
570b9c09bbf gas: arm: Fix a further IT-predicated vcvt issue in the presense of MVE vcvtn
bddd62e188c libctf: get the offsets of fields of unnamed structs/unions right
7aa47eafcce libctf: fix assertion failure with no system qsort_r
165accf0752 coff_get_normalized_symtab bfd_release
af35798e957 PR30217, dynamic relocations using local dynamic symbols
18bb604f1e1 PR30198, Assertion and segfault when linking x86_64 elf and coff
34a2b4a0e21 PR30155, ld segfault in _bfd_nearby_section
3d0046f39aa PR30046, power cmpi leads to unknown architecture
5c87fb1d59b ppc32 and "LOAD segment with RWX permissions"
11f5c1ebf14 Updated Serbian translations for gold, gprof and opcodes sub-directories
38e455b1d9a Updated translations for the bfd and gprof directories.
b2bc62b7b4e gas: correct symbol name comparison in .startof./.sizeof. handling
17294931e3e configure: remove dependencies on gmp and mpfr when gdb is disabled
1fc096a4c59 Regen config files
e1815414077 Pass $JANSSON_LIBS and $ZSTD_LIBS to ld-bootstrap/bootrap.exp
3e888977f16 bpf: fix error conversion from long unsigned int to unsigned int [-Werror=overflow]
65dbb942145 Updated Swedish translation for the binutils sub-directory
27f59ec47a1 RISC-V: make C-extension JAL available again for (32-bit) assembly
edd36b26f35 gprofng: PR30043 libgprofng.so.* are installed to a wrong location
c6e269febbc gprofng: PR29521 [docs] man pages are not in the release tarball
bcea253f5fa toplevel: Makefile.def: add install-strip dependency on libsframe
(From OE-Core rev: 5d7389770af6613af4ca8a2d30cc79d494a91075)
(From OE-Core rev: dcaf5192599b9474901ab73b66c330a401623fc1)
Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The recommendation from server maintainers is that the https protocol
is both faster and more reliable than the dedicated git protocol at this point.
Switch to it where possible.
(From OE-Core rev: 139102a73d4151f4748b4a861bd4ab28dda7dab7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is little point in having "crosssdk" suffex added to the virtual provider within
gcc/go since the TARGET_PREFIX or SDK_PREFIX already encapsulates this. Remove it
allowing some of the special case overriding to be removed.
This also allows removal of some of the MLPREFIX usage since again, the triplet
also covers this.
(From OE-Core rev: fe0206ba482d209b24e636d578aa68ba5e67ba1b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is little point in having "crosssdk" suffex added to the virtual provider within
binutils since the TARGET_PREFIX or SDK_PREFIX already encapsulates this. Remove it
allowing some of the special case overriding to be removed.
(From OE-Core rev: 6856fc5c848cc2564bebe03a007ef109f46d0adb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
