diff --git a/pkgs/development/tools/misc/binutils/CVE-2020-35448.patch b/pkgs/development/tools/misc/binutils/CVE-2020-35448.patch deleted file mode 100644 index 2eba7b51849f..000000000000 --- a/pkgs/development/tools/misc/binutils/CVE-2020-35448.patch +++ /dev/null @@ -1,77 +0,0 @@ -From 8642dafaef21aa6747cec01df1977e9c52eb4679 Mon Sep 17 00:00:00 2001 -From: Alan Modra -Date: Fri, 4 Sep 2020 19:19:18 +0930 -Subject: [PATCH] PR26574, heap buffer overflow in - _bfd_elf_slurp_secondary_reloc_section - -A horribly fuzzed object with section headers inside the ELF header. -Disallow that, and crazy reloc sizes. - - PR 26574 - * elfcode.h (elf_object_p): Sanity check section header offset. - * elf.c (_bfd_elf_slurp_secondary_reloc_section): Sanity check - sh_entsize. ---- - bfd/elf.c | 4 +++- - bfd/elfcode.h | 8 ++++---- - 3 files changed, 14 insertions(+), 5 deletions(-) - -diff --git a/bfd/elf.c b/bfd/elf.c -index ac2095f787d..5a02f8dc309 100644 ---- a/bfd/elf.c -+++ b/bfd/elf.c -@@ -12576,7 +12576,9 @@ _bfd_elf_slurp_secondary_reloc_section (bfd * abfd, - Elf_Internal_Shdr * hdr = & elf_section_data (relsec)->this_hdr; - - if (hdr->sh_type == SHT_SECONDARY_RELOC -- && hdr->sh_info == (unsigned) elf_section_data (sec)->this_idx) -+ && hdr->sh_info == (unsigned) elf_section_data (sec)->this_idx -+ && (hdr->sh_entsize == ebd->s->sizeof_rel -+ || hdr->sh_entsize == ebd->s->sizeof_rela)) - { - bfd_byte * native_relocs; - bfd_byte * native_reloc; -diff --git a/bfd/elfcode.h b/bfd/elfcode.h -index 2ed2f135c34..606ff64fd4d 100644 ---- a/bfd/elfcode.h -+++ b/bfd/elfcode.h -@@ -571,7 +571,7 @@ elf_object_p (bfd *abfd) - - /* If this is a relocatable file and there is no section header - table, then we're hosed. */ -- if (i_ehdrp->e_shoff == 0 && i_ehdrp->e_type == ET_REL) -+ if (i_ehdrp->e_shoff < sizeof (x_ehdr) && i_ehdrp->e_type == ET_REL) - goto got_wrong_format_error; - - /* As a simple sanity check, verify that what BFD thinks is the -@@ -581,7 +581,7 @@ elf_object_p (bfd *abfd) - goto got_wrong_format_error; - - /* Further sanity check. */ -- if (i_ehdrp->e_shoff == 0 && i_ehdrp->e_shnum != 0) -+ if (i_ehdrp->e_shoff < sizeof (x_ehdr) && i_ehdrp->e_shnum != 0) - goto got_wrong_format_error; - - ebd = get_elf_backend_data (abfd); -@@ -618,7 +618,7 @@ elf_object_p (bfd *abfd) - && ebd->elf_osabi != ELFOSABI_NONE) - goto got_wrong_format_error; - -- if (i_ehdrp->e_shoff != 0) -+ if (i_ehdrp->e_shoff >= sizeof (x_ehdr)) - { - file_ptr where = (file_ptr) i_ehdrp->e_shoff; - -@@ -819,7 +819,7 @@ elf_object_p (bfd *abfd) - } - } - -- if (i_ehdrp->e_shstrndx != 0 && i_ehdrp->e_shoff != 0) -+ if (i_ehdrp->e_shstrndx != 0 && i_ehdrp->e_shoff >= sizeof (x_ehdr)) - { - unsigned int num_sec; - --- -2.27.0 - - diff --git a/pkgs/development/tools/misc/binutils/bfd-elf-Dont-read-non-existing-secondary-relocs.patch b/pkgs/development/tools/misc/binutils/bfd-elf-Dont-read-non-existing-secondary-relocs.patch deleted file mode 100644 index c166066c9803..000000000000 --- a/pkgs/development/tools/misc/binutils/bfd-elf-Dont-read-non-existing-secondary-relocs.patch +++ /dev/null @@ -1,26 +0,0 @@ -X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=blobdiff_plain;f=bfd%2Felf.c;h=af62aadc3d446cd5b1f0201b207c90c22e7809b1;hp=36733e080dd9d9be28b576b246aaf5bd8c8569c7;hb=84fd26d8209e99fc3a432dd0b09b6c053de1ce65;hpb=abe2a28aaa7a2bfd0f3061c72a98eb898976b721 - -diff --git a/bfd/elf.c b/bfd/elf.c -index 36733e080dd..af62aadc3d4 100644 ---- a/bfd/elf.c -+++ b/bfd/elf.c -@@ -2454,6 +2454,8 @@ bfd_section_from_shdr (bfd *abfd, unsigned int shindex) - "for section %pA found - ignoring"), - abfd, name, target_sect); - } -+ else -+ esdt->has_secondary_relocs = TRUE; - goto success; - } - -@@ -12587,6 +12589,9 @@ _bfd_elf_slurp_secondary_reloc_section (bfd * abfd, - #endif - r_sym = elf32_r_sym; - -+ if (!elf_section_data (sec)->has_secondary_relocs) -+ return TRUE; -+ - /* Discover if there are any secondary reloc sections - associated with SEC. */ - for (relsec = abfd->sections; relsec != NULL; relsec = relsec->next) - diff --git a/pkgs/development/tools/misc/binutils/default.nix b/pkgs/development/tools/misc/binutils/default.nix index 8d759457fa11..6128224b852c 100644 --- a/pkgs/development/tools/misc/binutils/default.nix +++ b/pkgs/development/tools/misc/binutils/default.nix @@ -27,7 +27,7 @@ assert gold -> execFormatIsELF stdenv.targetPlatform; let reuseLibs = enableShared && withAllTargets; - version = "2.35.2"; + version = "2.37"; basename = "binutils"; # The targetPrefix prepended to binary names to allow multiple binuntils on the # PATH to both be usable. @@ -39,10 +39,11 @@ let rev = "708acc851880dbeda1dd18aca4fd0a95b2573b36"; sha256 = "1kdrz6fki55lm15rwwamn74fnqpy0zlafsida2zymk76n3656c63"; }; + # HACK to ensure that we preserve source from bootstrap binutils to not rebuild LLVM normal-src = stdenv.__bootPackages.binutils-unwrapped.src or (fetchurl { url = "mirror://gnu/binutils/${basename}-${version}.tar.bz2"; - sha256 = "sha256-z6dkTb7PRZHhNutAfBwdoWV4vSsD8MLorNzroZS7nWE="; + sha256 = "sha256-Z/waQDDQjuh3pIZ9PcqzWCgUj4fh/QXabbWF7VoWa9Q="; }); in @@ -56,11 +57,6 @@ stdenv.mkDerivation { # Make binutils output deterministic by default. ./deterministic.patch - # Help bfd choose between elf32-littlearm, elf32-littlearm-symbian, and - # elf32-littlearm-vxworks in favor of the first. - # https://github.com/NixOS/nixpkgs/pull/30484#issuecomment-345472766 - ./disambiguate-arm-targets.patch - # For some reason bfd ld doesn't search DT_RPATH when cross-compiling. It's # not clear why this behavior was decided upon but it has the unfortunate # consequence that the linker will fail to find transitive dependencies of @@ -69,23 +65,6 @@ stdenv.mkDerivation { # cross-compiling. ./always-search-rpath.patch - # Fix quadratic slowdown in `strip` performance. - # See #129467 and https://sourceware.org/bugzilla/show_bug.cgi?id=28058 - # Remove when we're on binutils > 2.36.1. - # The patch is downloaded from - # https://sourceware.org/git/?p=binutils-gdb.git;a=blobdiff_plain;f=bfd/elf.c;h=af62aadc3d446cd5b1f0201b207c90c22e7809b1;hp=36733e080dd9d9be28b576b246aaf5bd8c8569c7;hb=84fd26d8209e99fc3a432dd0b09b6c053de1ce65;hpb=abe2a28aaa7a2bfd0f3061c72a98eb898976b721 - # which is the 2.36 backport (using `TRUE` instead of `true` of binutils master commit: - # https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=956ea65cd707707c0f725930214cbc781367a831 - ./bfd-elf-Dont-read-non-existing-secondary-relocs.patch - - # Fix building plv8’s v8. - # https://github.com/NixOS/nixpkgs/issues/134190 - # Obtained from: https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=586e30940e640f67bd55bd72e1d1355a4faf8079 - ./gold-Update-GNU_PROPERTY_X86_XXX-macros.patch - - ./CVE-2020-35448.patch - ./CVE-2021-3487.patch - ./CVE-2021-45078.patch ] ++ lib.optional stdenv.targetPlatform.isiOS ./support-ios.patch ++ # This patch was suggested by Nick Clifton to fix # https://sourceware.org/bugzilla/show_bug.cgi?id=16177 diff --git a/pkgs/development/tools/misc/binutils/disambiguate-arm-targets.patch b/pkgs/development/tools/misc/binutils/disambiguate-arm-targets.patch deleted file mode 100644 index abbfa73da05d..000000000000 --- a/pkgs/development/tools/misc/binutils/disambiguate-arm-targets.patch +++ /dev/null @@ -1,23 +0,0 @@ -diff --git a/bfd/elf32-arm.c b/bfd/elf32-arm.c -index 9f956d3..f5b61f1 100644 ---- a/bfd/elf32-arm.c -+++ b/bfd/elf32-arm.c -@@ -19585,7 +19585,10 @@ elf32_arm_vxworks_final_write_processing (bfd *abfd, bfd_boolean linker) - #undef ELF_MAXPAGESIZE - #define ELF_MAXPAGESIZE 0x1000 - -+/* Prioritize elf32-*arm (priority 1) over elf32-*arm-vxworks (priority 2) */ -+#define elf_match_priority 2 - #include "elf32-target.h" -+#undef elf_match_priority - - - /* Merge backend specific data from an object file to the output -@@ -19974,4 +19977,7 @@ elf32_arm_symbian_plt_sym_val (bfd_vma i, const asection *plt, - #undef ELF_MAXPAGESIZE - #define ELF_MAXPAGESIZE 0x8000 - -+/* Prioritize elf32-*arm (priority 1) over elf32-*arm-symbian (priority 2) */ -+#define elf_match_priority 2 - #include "elf32-target.h" -+#undef elf_match_priority