aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Clifton <nickc@redhat.com>2017-09-14 11:15:55 +0100
committerNick Clifton <nickc@redhat.com>2017-09-14 11:15:55 +0100
commit4d465c689a8fb27212ef358d0aee89d60dee69a6 (patch)
treef1cc1a65497d1b59f4143ff14822c04188011ca4
parent255300f5a96079a9860934c44bb9521e7aca45de (diff)
downloadfsf-binutils-gdb-4d465c689a8fb27212ef358d0aee89d60dee69a6.zip
fsf-binutils-gdb-4d465c689a8fb27212ef358d0aee89d60dee69a6.tar.gz
fsf-binutils-gdb-4d465c689a8fb27212ef358d0aee89d60dee69a6.tar.bz2
Fix address violation when parsing a corrupt PE binary.
PR binutils/22113 * peXXigen.c (pe_print_idata): Extend check for HintName vector entries.
-rw-r--r--bfd/ChangeLog6
-rw-r--r--bfd/peXXigen.c5
2 files changed, 9 insertions, 2 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 7c208ca..3d807b9 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2017-09-14 Nick Clifton <nickc@redhat.com>
+
+ PR binutils/22113
+ * peXXigen.c (pe_print_idata): Extend check for HintName vector
+ entries.
+
2017-09-13 H.J. Lu <hongjiu.lu@intel.com>
* elfxx-x86.h: Fix a typo in comments.
diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
index d24c5f8..db44053 100644
--- a/bfd/peXXigen.c
+++ b/bfd/peXXigen.c
@@ -1514,7 +1514,7 @@ pe_print_idata (bfd * abfd, void * vfile)
member_high, member,
WithoutHighBit (member_high), member);
/* PR binutils/17512: Handle corrupt PE data. */
- else if (amt + 2 >= datasize)
+ else if (amt >= datasize || amt + 2 >= datasize)
fprintf (file, _("\t<corrupt: 0x%04lx>"), member);
else
{
@@ -1548,11 +1548,12 @@ pe_print_idata (bfd * abfd, void * vfile)
break;
amt = member - adj;
+
if (HighBitSet (member))
fprintf (file, "\t%04lx\t %4lu <none>",
member, WithoutHighBit (member));
/* PR binutils/17512: Handle corrupt PE data. */
- else if (amt + 2 >= datasize)
+ else if (amt >= datasize || amt + 2 >= datasize)
fprintf (file, _("\t<corrupt: 0x%04lx>"), member);
else
{