packages/libdwarf
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:e847eace5f6937084de868dd10d63ab99a1d9158
Branches Tags
packages:main
..
compare: packages:341cac14e2482b0e260a58bb735888783ad002cc
Branches Tags
packages:main

No commits in common. "e847eace5f6937084de868dd10d63ab99a1d9158" and "341cac14e2482b0e260a58bb735888783ad002cc" have entirely different histories.
e847eace5f ... 341cac14e2

5 changed files with 25 additions and 199 deletions
Show Stats Expand all files Collapse all files

164
CVE-2024-2002.patch
View File

@ -1,164 +0,0 @@
From 404e6b1b14f60c81388d50b4239f81d461b3c3ad Mon Sep 17 00:00:00 2001
From: David Anderson <davea42@linuxmail.org>
Date: Sat, 17 Feb 2024 13:33:39 -0800
Subject: [PATCH] Fixing DW202402-002, corrupt object caused various libdwarf
crashes with some tailored/fuzzed object files. modified:
src/lib/libdwarf/dwarf_alloc.c modified:
src/lib/libdwarf/dwarf_error.c
Origin: https://github.com/davea42/libdwarf-code/commit/404e6b1b14f60c81388d50b4239f81d461b3c3ad
---
src/lib/libdwarf/dwarf_alloc.c | 56 ++++++++++++++++++++++++++++++++--
src/lib/libdwarf/dwarf_error.c | 5 +--
2 files changed, 57 insertions(+), 4 deletions(-)
diff --git a/src/lib/libdwarf/dwarf_alloc.c b/src/lib/libdwarf/dwarf_alloc.c
index 9ef9b16f4..a73b8abf9 100644
--- a/src/lib/libdwarf/dwarf_alloc.c
+++ b/src/lib/libdwarf/dwarf_alloc.c
@@ -143,6 +143,7 @@ _dwarf_error_destructor(void *m)
#if DEBUG_ALLOC
printf("libdwarfdetector DEALLOC Now destruct error "
"string %s\n",dwarfstring_string(erm));
+ fflush(stdout);
#endif /* DEBUG_ALLOC */
dwarfstring_destructor(erm);
free(erm);
@@ -182,6 +183,8 @@ struct reserve_data_s {
#define STATIC_ALLOWED 10 /* arbitrary, must be > 2, see below*/
static unsigned static_used = 0;
+/* entries in this list point to allocations of
+ type DW_DLA_ERROR. */
static Dwarf_Error staticerrlist[STATIC_ALLOWED];
/* Clean this out if found */
@@ -215,7 +218,7 @@ dw_empty_errlist_item(Dwarf_Error e_in)
}
}
-/* If the userr calls dwarf_dealloc on an error
+/* If the user calls dwarf_dealloc on an error
out of a dwarf_init*() call, this will find
it in the static err list. Here dbg is NULL
so not mentioned. */
@@ -226,11 +229,21 @@ _dwarf_add_to_static_err_list(Dwarf_Error error)
if (!error) {
return;
}
+#ifdef DEBUG_ALLOC
+ printf("\nlibdwarfdetector add to static err list "
+ " 0x%lx\n",(unsigned long)(uintptr_t)error);
+ fflush(stdout);
+#endif /* DEBUG_ALLOC */
for ( ; i <static_used; ++i) {
Dwarf_Error e = staticerrlist[i];
if (e) {
continue;
}
+#ifdef DEBUG_ALLOC
+ printf("libdwarfdetector add to static err list at %u\n",
+ i);
+ fflush(stdout);
+#endif /* DEBUG_ALLOC */
staticerrlist[i] = error;
return;
}
@@ -239,6 +252,38 @@ _dwarf_add_to_static_err_list(Dwarf_Error error)
++static_used;
}
}
+/* See libdwarf vulnerability DW202402-002
+ for the motivation.
+*/
+static void
+_dwarf_remove_from_staticerrlist(Dwarf_Ptr *space)
+{
+ unsigned i = 0;
+ if (!space) {
+ return;
+ }
+#ifdef DEBUG_ALLOC
+ printf("\nlibdwarfdetector remove from static err list "
+ " 0x%lx\n",(unsigned long)(uintptr_t)space);
+ fflush(stdout);
+#endif /* DEBUG_ALLOC */
+ for ( ; i <static_used; ++i) {
+ Dwarf_Error e = staticerrlist[i];
+ if (!e) {
+ continue;
+ }
+ if ((void *)e == space) {
+#ifdef DEBUG_ALLOC
+ printf("libdwarfdetector rm from static err list at %u\n",
+ i);
+ fflush(stdout);
+#endif /* DEBUG_ALLOC */
+ staticerrlist[i] = 0;
+ return;
+ }
+ }
+}
+
/* This will free everything in the staticerrlist,
but that is ok */
void
@@ -671,7 +716,7 @@ _dwarf_get_alloc(Dwarf_Debug dbg,
}
}
#if DEBUG_ALLOC
- printf("libdwarfdetector ALLOC ret 0x%lx type 0x%x "
+ printf("\nlibdwarfdetector ALLOC ret 0x%lx type 0x%x "
"size %lu line %d %s\n",
(unsigned long)ret_mem,(unsigned)alloc_type,
(unsigned long)size,__LINE__,__FILE__);
@@ -804,6 +849,9 @@ dwarf_dealloc(Dwarf_Debug dbg,
unsigned int type = 0;
char * malloc_addr = 0;
struct reserve_data_s * r = 0;
+#if 0
+ Dwarf_Bool check_errmsg_list = FALSE;
+#endif
if (!space) {
#ifdef DEBUG_ALLOC
@@ -921,11 +969,15 @@ dwarf_dealloc(Dwarf_Debug dbg,
if (ep->er_static_alloc == DE_MALLOC) {
/* This is special, we had no arena
but have a full special area as normal. */
+#if 0
+ check_errmsg_list = TRUE;
+#endif
#ifdef DEBUG_ALLOC
printf("DEALLOC does free, DE_MALLOC line %d %s\n",
__LINE__,__FILE__);
fflush(stdout);
#endif /* DEBUG_ALLOC*/
+ _dwarf_remove_from_staticerrlist(space);
}
/* Was normal alloc, use normal dealloc. */
/* DW_DLA_ERROR has a specialdestructor */
diff --git a/src/lib/libdwarf/dwarf_error.c b/src/lib/libdwarf/dwarf_error.c
index e49706693..73f60f2b3 100644
--- a/src/lib/libdwarf/dwarf_error.c
+++ b/src/lib/libdwarf/dwarf_error.c
@@ -140,7 +140,8 @@ _dwarf_error_string(Dwarf_Debug dbg, Dwarf_Error * error,
errptr = &_dwarf_failsafe_error;
errptr->er_static_alloc = DE_STATIC;
#ifdef DEBUG
- printf("libdwarf no dbg, fullystatic, "
+ printf("libdwarf no dbg to dwarf_error_string,"
+ " fullystatic, "
"using DE_STATIC alloc, addr"
" 0x%lx line %d %s\n",
(unsigned long)errptr,
@@ -150,7 +151,7 @@ _dwarf_error_string(Dwarf_Debug dbg, Dwarf_Error * error,
errptr->er_static_alloc = DE_MALLOC;
#ifdef DEBUG
- printf("libdwarf no dbg,leaks, "
+ printf("libdwarf no dbg, add to static_err_list "
"static DE_MALLOC alloc, addr"
" 0x%lx line %d %s\n",
(unsigned long)errptr,

BIN
libdwarf-0.9.1.tar.xz
View File

Binary file not shown.

BIN
libdwarf-20201020.tar.gz Normal file
View File

Binary file not shown.

51
libdwarf.spec
View File

@ -1,13 +1,11 @@
Name: libdwarf Name: libdwarf
Epoch: 1 Version: 20201020
Version: 0.9.1
Release: 1 Release: 1
Summary: Library to access DWARF debugging information Summary: Library to access DWARF debugging information
License: LGPLv2 License: LGPLv2
URL: http://www.prevanders.net/dwarf.html URL: http://www.prevanders.net/dwarf.html
Source0: https://www.prevanders.net/%{name}-%{version}.tar.xz Source0: http://www.prevanders.net/%{name}-%{version}.tar.gz
Patch0: CVE-2024-2002.patch BuildRequires: gcc binutils-devel elfutils-libelf-devel dos2unix
BuildRequires: gcc make python3
%description %description
Libdwarf is a library of functions to provide read/write DWARF Libdwarf is a library of functions to provide read/write DWARF
@ -15,7 +13,7 @@ debugging records.
%package devel %package devel
Summary: Library and header files of libdwarf Summary: Library and header files of libdwarf
Requires: %{name} = %{epoch}:%{version}-%{release} Requires: %{name} = %{version}-%{release}
Provides: libdwarf-static = %{version}-%{release} Provides: libdwarf-static = %{version}-%{release}
Obsoletes: libdwarf-static < %{version}-%{release} Obsoletes: libdwarf-static < %{version}-%{release}
@ -24,7 +22,7 @@ Libdwarf-devel provides libraries and header files for libdwarf.
%package tools %package tools
Summary: Tools to access the DWARF debugging file format Summary: Tools to access the DWARF debugging file format
Requires: %{name} = %{epoch}:%{version}-%{release} Requires: %{name} = %{version}-%{release}
%description tools %description tools
Libdwarf-tools contains dwarfdump, a tool to access DWARF debug information. Libdwarf-tools contains dwarfdump, a tool to access DWARF debug information.
@ -34,7 +32,6 @@ Libdwarf-tools contains dwarfdump, a tool to access DWARF debug information.
%prep %prep
%autosetup -n %{name}-%{version} -p1 %autosetup -n %{name}-%{version} -p1
%build %build
%configure --enable-shared %configure --enable-shared
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
@ -43,50 +40,42 @@ sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
%install %install
%make_install %make_install
install -d %{buildroot}%{_includedir}/libdwarf
mv %{buildroot}%{_includedir}/*.h %{buildroot}%{_includedir}/libdwarf
%delete_la
%check %check
LD_LIBRARY_PATH=$PWD/libdwarf/.libs %__make check
LD_LIBRARY_PATH=$PWD/src/lib/libdwarf/.libs TZ=:America/Los_Angeles %__make check
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%license src/lib/libdwarf/{COPYING,LIBDWARFCOPYRIGHT,LGPL.txt} %license libdwarf/{COPYING,LIBDWARFCOPYRIGHT,LGPL.txt}
%{_libdir}/libdwarf.so.0 %{_libdir}/libdwarf.so.*
%{_libdir}/libdwarf.so.0.* %exclude %{_datadir}/libdwarf
%files devel %files devel
%defattr(-,root,root) %defattr(-,root,root)
%{_includedir}/libdwarf-0 %{_includedir}/libdwarf
%{_libdir}/pkgconfig/libdwarf.pc %{_libdir}/{libdwarf.so,libdwarf.a}
%{_libdir}/libdwarf.so
%{_libdir}/libdwarf.a
%exclude %{_libdir}/*.la
%files tools %files tools
%defattr(-,root,root) %defattr(-,root,root)
%license src/bin/dwarfdump/{COPYING,DWARFDUMPCOPYRIGHT,GPL.txt} %doc dwarfdump/{README,ChangeLog}
%license dwarfdump/{COPYING,DWARFDUMPCOPYRIGHT,GPL.txt}
%{_bindir}/dwarfdump %{_bindir}/dwarfdump
%{_datadir}/dwarfdump/dwarfdump.conf %{_datadir}/dwarfdump/dwarfdump.conf
%files help %files help
%defattr(-,root,root) %defattr(-,root,root)
%doc src/lib/libdwarf/{ChangeLog,README} doc/*.pdf %doc libdwarf/{ChangeLog,README,*.pdf}
%{_mandir}/man1/dwarfdump.1.gz %{_mandir}/man1/dwarfdump.1.gz
%changelog %changelog
* Mon Mar 25 2024 wangkai <13474090681@163.com> - 1:0.9.1-1 * Mon Nov 16 2020 SimpleUpdate Robot <tc@openeuler.org> - 20201020-1
- Update to 0.9.1 and fix CVE-2024-2002
* Thu Jun 15 2023 liyanan <thistleslyn@163.com> - 0.7.0-1
- Update to 0.7.0
* Tue Jul 26 2022 panys<panyanshuang@nati-gba.cn> - 20210528-1
- upgrade to version 20210528
* Tue Nov 24 2020 SimpleUpdate Robot <tc@openeuler.org> - 20201020-1
- Upgrade to version 20201020 - Upgrade to version 20201020
* Sun Jun 21 2020 hanhui<hanhui15@huawei.com> - 20200114 * Fri Jun 21 2020 hanhui<hanhui15@huawei.com> - 20200114
- Mainline branch update to 20200114 - Mainline branch update to 20200114
* Tue Apr 21 2020 songnannan <songnannan2@huawei.com> - 20200114 * Tue Apr 21 2020 songnannan <songnannan2@huawei.com> - 20200114

9
libdwarf.yaml
View File

@ -1,4 +1,5 @@
version_control: github git_url: git://git.code.sf.net/p/libdwarf/code
src_repo: davea42/libdwarf-code version_control: git
tag_prefix: "^v" src_repo: git://git.code.sf.net/p/libdwarf/code
separator: "." tag_prefix:
seperator: "."