Fixes illegal memory access errors and arithmetic overflows when running strip on fuzzed binaries.

	PR binutils/17512
	* coffcode.h (coff_compute_section_file_positions): Report
	negative page sizes.
	* elf.c (elf_fake_sections): Handle excessive alignmment powers.
	(assign_file_positions_for_non_load_sections): Replace assertion
	with an error message.
	(rewrite_elf_program_header): Handle excessive segment
	alignments.
	* mach-o.c (bfd_mach_o_read_section_32): Likewise.
	(bfd_mach_o_read_section_64): Likewise.
	* peXXigen.c (_bfd_XX_bfd_copy_private_bfd_data_common): Use %B to
	print a bfd name, not %A.

1 files changed, 13 insertions, 0 deletions

diff --git a/bfd/mach-o.c b/bfd/mach-o.c
index 955685f..010a076 100644
--- a/bfd/mach-o.c
+++ b/bfd/mach-o.c
@@ -3469,6 +3469,13 @@ bfd_mach_o_read_section_32 (bfd *abfd,
   section->size = bfd_h_get_32 (abfd, raw.size);
   section->offset = bfd_h_get_32 (abfd, raw.offset);
   section->align = bfd_h_get_32 (abfd, raw.align);
+  /* PR 17512: file: 0017eb76.  */
+  if (section->align > 64)
+    {
+      (*_bfd_error_handler) (_("bfd_mach_o_read_section_32: overlarge alignment value: 0x%x, using 32 instead"),
+			     section->align);
+      section->align = 32;
+    }
   section->reloff = bfd_h_get_32 (abfd, raw.reloff);
   section->nreloc = bfd_h_get_32 (abfd, raw.nreloc);
   section->flags = bfd_h_get_32 (abfd, raw.flags);
@@ -3508,6 +3515,12 @@ bfd_mach_o_read_section_64 (bfd *abfd,
   section->size = bfd_h_get_64 (abfd, raw.size);
   section->offset = bfd_h_get_32 (abfd, raw.offset);
   section->align = bfd_h_get_32 (abfd, raw.align);
+  if (section->align > 64)
+    {
+      (*_bfd_error_handler) (_("bfd_mach_o_read_section_64: overlarge alignment value: 0x%x, using 32 instead"),
+			     section->align);
+      section->align = 32;
+    }
   section->reloff = bfd_h_get_32 (abfd, raw.reloff);
   section->nreloc = bfd_h_get_32 (abfd, raw.nreloc);
   section->flags = bfd_h_get_32 (abfd, raw.flags);