From 7c5fa58ea907c46817b915ec8b9b35a180e0e74c Mon Sep 17 00:00:00 2001
From: Alan Modra
Date: Wed, 19 Feb 2020 13:14:05 +1030
Subject: bfd_get_file_size calls bfd_get_file_size can return 0, meaning the file size is unknown. * coffgen.c (_bfd_coff_get_external_symbols): Don't call bfd_get_file_size twice. (_bfd_coff_read_string_table): Allow for bfd_get_file_size zero, ie. unknown, return. * elf-attrs.c (_bfd_elf_parse_attributes): Likewise. * elfcode.h (elf_swap_shdr_in): Likewise. (elf_object_p): Don't call bfd_get_file_size twice and correct file size check.
---
bfd/coffgen.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'bfd/coffgen.c')
diff --git a/bfd/coffgen.c b/bfd/coffgen.c
index cf115d4..5287130 100644
--- a/bfd/coffgen.c
+++ b/bfd/coffgen.c
@@ -1642,19 +1642,20 @@ _bfd_coff_get_external_symbols (bfd *abfd) bfd_size_type symesz; bfd_size_type size; void * syms; + ufile_ptr filesize; if (obj_coff_external_syms (abfd) != NULL) return TRUE; symesz = bfd_coff_symesz (abfd); - size = obj_raw_syment_count (abfd) * symesz; if (size == 0) return TRUE; + /* Check for integer overflow and for unreasonable symbol counts. */ + filesize = bfd_get_file_size (abfd); if (size < obj_raw_syment_count (abfd) - || (bfd_get_file_size (abfd) > 0 - && size > bfd_get_file_size (abfd))) + || (filesize != 0 && size > filesize)) { _bfd_error_handler (_("%pB: corrupt symbol count: %#" PRIx64 ""),
@@ -1698,6 +1699,7 @@ _bfd_coff_read_string_table (bfd *abfd) bfd_size_type strsize; char *strings; file_ptr pos; + ufile_ptr filesize; if (obj_coff_strings (abfd) != NULL) return obj_coff_strings (abfd);
@@ -1731,7 +1733,9 @@ _bfd_coff_read_string_table (bfd *abfd) #endif } - if (strsize < STRING_SIZE_SIZE || strsize > bfd_get_file_size (abfd)) + filesize = bfd_get_file_size (abfd); + if (strsize < STRING_SIZE_SIZE + || (filesize != 0 && strsize > filesize)) { _bfd_error_handler /* xgettext: c-format */
-- cgit v1.1
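Review bot: In _bfd_coff_get_external_symbols the test `size < obj_raw_syment_count (abfd)`, which the first hunk keeps as its overflow check, does not reliably detect wraparound of `obj_raw_syment_count (abfd) * symesz`, because for any symesz above 1 a wrapped product can still exceed the count. When bfd_get_file_size returns 0 the file-size comparison is skipped, so that test is the only bound on a size derived from the input file before whatever allocation follows outside the hunk. Comparing the quotient is exact for unsigned arithmetic: `if (size / symesz != obj_raw_syment_count (abfd)` in place of the first operand, which is safe here since the earlier `size == 0` return guarantees symesz is non-zero. Whether a wrap is actually reachable depends on the widths of bfd_size_type and the symbol count, which the hunk does not show.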
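Review bot: In the third hunk (_bfd_coff_read_string_table, the `strsize` check) the new condition removes the upper bound entirely when bfd_get_file_size returns 0, leaving only `strsize < STRING_SIZE_SIZE`. strsize appears to be taken from the file (the code that sets it is above the hunk), so for inputs of unknown size the allocation and read that presumably follow are sized by an unchecked value. If that trade-off is intended it deserves a comment at the check, for example `/* filesize == 0 means the size is unknown; strsize is then not bounded here. */`. Where the size is known, the bound is the whole file rather than what remains past the table's offset, so it is a sanity limit on the allocation and not proof that the read will succeed.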