MatCat.OpenSource/8sa1-binutils-gdb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix an illegal memory access in the BFD library which can be triggered by attempting to parse a corrupt PE format file.

Browse Source 
PR26240
	* coffgen.c (coff_get_normalized_symtab): Fix off-by-one error in
	check for aux entries that overflow the buufer.
This commit is contained in:
Nick Clifton 2020-07-15 11:09:59 +01:00
parent 52781cce79
commit 4fd8d58564
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
bfd/ChangeLog
View File

@ -1,3 +1,9 @@
2020-07-15 Nick Clifton <nickc@redhat.com>
PR26240
* coffgen.c (coff_get_normalized_symtab): Fix off-by-one error in
check for aux entries that overflow the buufer.
2020-07-15 Hans-Peter Nilsson <hp@bitrange.com> 2020-07-15 Hans-Peter Nilsson <hp@bitrange.com>
* elf64-mmix.c (mmix_elf_relax_section): Improve accounting for * elf64-mmix.c (mmix_elf_relax_section): Improve accounting for

2
bfd/coffgen.c
View File

@ -1814,7 +1814,7 @@ coff_get_normalized_symtab (bfd *abfd)
internal_ptr->is_sym = TRUE; internal_ptr->is_sym = TRUE;
/* PR 17512: Prevent buffer overrun. */ /* PR 17512: Prevent buffer overrun. */
if (symbol_ptr->u.syment.n_numaux > (raw_end - raw_src) / symesz) if (symbol_ptr->u.syment.n_numaux > ((raw_end - 1) - raw_src) / symesz)
{ {
bfd_release (abfd, internal); bfd_release (abfd, internal);
return NULL; return NULL;