1 files changed, 11 insertions, 6 deletions

diff --git a/binutils/resbin.c b/binutils/resbin.c
index 01046ec..fa77cd4 100644
--- a/binutils/resbin.c
+++ b/binutils/resbin.c
@@ -433,6 +433,11 @@ bin_to_res_menuexitems (windres_bfd *wrbfd, const bfd_byte *data,
 
       itemlen = 14 + slen * 2 + 2;
       itemlen = (itemlen + 3) &~ 3;
+      /* Don't allow rounding up of itemlen to exceed length.  This
+	 is an anti-fuzzer measure to cope with unexpected offsets and
+	 lengths.   */
+      if (itemlen > length)
+	itemlen = length;
 
       if ((flags & 1) == 0)
 	{
@@ -1047,7 +1052,7 @@ get_version_header (windres_bfd *wrbfd, const bfd_byte *data,
 {
   if (length < 8)
     {
-      toosmall (key);
+      toosmall (key ? key : _("version header"));
       return false;
     }
 
@@ -1245,7 +1250,7 @@ bin_to_res_version (windres_bfd *wrbfd, const bfd_byte *data,
 
 	      vst = res_alloc (sizeof (rc_ver_stringtable));
 
-	      if (!get_version_header (wrbfd, data, length, (const char *) NULL,
+	      if (!get_version_header (wrbfd, data, length, NULL,
 				       &vst->language, &stverlen, &vallen,
 				       &type, &off))
 		return NULL;
@@ -1279,9 +1284,9 @@ bin_to_res_version (windres_bfd *wrbfd, const bfd_byte *data,
 
 		  vs = res_alloc (sizeof (rc_ver_stringinfo));
 
-		  if (!get_version_header (wrbfd, data, length,
-					   (const char *) NULL, &vs->key,
-					   &sverlen, &vallen, &type, &off))
+		  if (!get_version_header (wrbfd, data, length, NULL,
+					   &vs->key, &sverlen, &vallen,
+					   &type, &off))
 		    return NULL;
 
 		  data += off;
@@ -1343,7 +1348,7 @@ bin_to_res_version (windres_bfd *wrbfd, const bfd_byte *data,
 	  data += off;
 	  length -= off;
 
-	  if (!get_version_header (wrbfd, data, length, (const char *) NULL,
+	  if (!get_version_header (wrbfd, data, length, NULL,
 				   &vi->u.var.key, &verlen, &vallen,
 				   &type, &off))
 	    return NULL;