diff options
| author | Nick Clifton <nickc@redhat.com> | 2019-03-14 17:21:41 +0000 |
|---|---|---|
| committer | Nick Clifton <nickc@redhat.com> | 2019-03-14 17:21:41 +0000 |
| commit | d7f848c3b51f01635557ab765f2ba176618e0bf8 (patch) | |
| tree | fa4b17aa9a406e8b4f69c11981f6337b41cf2c36 /bfd | |
| parent | 6cc71b820cc70b63711e9d7f584550b56e172b0a (diff) | |
| download | gdb-d7f848c3b51f01635557ab765f2ba176618e0bf8.zip gdb-d7f848c3b51f01635557ab765f2ba176618e0bf8.tar.gz gdb-d7f848c3b51f01635557ab765f2ba176618e0bf8.tar.bz2 | |
Fix a buffer overrun error when attempting to parse corrupt DWARF information.
PR 24334
* dwarf2.c (struct dwarf2_debug): Add sec_vma_count field.
(save_section_vma): Initialise field to the number of entries in
the sec_vma table.
(section_vma_same): Check that the number of entries in the
sec_vma table matches the number of sections in the bfd.
Diffstat (limited to 'bfd')
| -rw-r--r-- | bfd/ChangeLog | 9 | ||||
| -rw-r--r-- | bfd/dwarf2.c | 9 |
2 files changed, 18 insertions, 0 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 7ed3929..1e2681e 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,5 +1,14 @@ 2019-03-14 Nick Clifton <nickc@redhat.com> + PR 24334 + * dwarf2.c (struct dwarf2_debug): Add sec_vma_count field. + (save_section_vma): Initialise field to the number of entries in + the sec_vma table. + (section_vma_same): Check that the number of entries in the + sec_vma table matches the number of sections in the bfd. + +2019-03-14 Nick Clifton <nickc@redhat.com> + PR 24333 * elflink.c (_bfd_elf_add_default_symbol): Add a check for a NULL section owner pointer when adding the default symbol. diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c index 56557bb..e3c6d6d 100644 --- a/bfd/dwarf2.c +++ b/bfd/dwarf2.c @@ -169,6 +169,8 @@ struct dwarf2_debug /* Section VMAs at the time the stash was built. */ bfd_vma *sec_vma; + /* Number of sections in the SEC_VMA table. */ + unsigned int sec_vma_count; /* Number of sections whose VMA we must adjust. */ int adjusted_section_count; @@ -4269,6 +4271,7 @@ save_section_vma (const bfd *abfd, struct dwarf2_debug *stash) stash->sec_vma = bfd_malloc (sizeof (*stash->sec_vma) * abfd->section_count); if (stash->sec_vma == NULL) return FALSE; + stash->sec_vma_count = abfd->section_count; for (i = 0, s = abfd->sections; i < abfd->section_count; i++, s = s->next) { if (s->output_section != NULL) @@ -4292,6 +4295,12 @@ section_vma_same (const bfd *abfd, const struct dwarf2_debug *stash) asection *s; unsigned int i; + /* PR 24334: If the number of sections in ABFD has changed between + when the stash was created and now, then we cannot trust the + stashed vma information. */ + if (abfd->section_count != stash->sec_vma_count) + return FALSE; + for (i = 0, s = abfd->sections; i < abfd->section_count; i++, s = s->next) { bfd_vma vma; |