XCOFF64 uninitialised read

Like git commit 67338173a4. * coff64-rs6000.c (xcoff64_slurp_armap): Ensure size is large enough to read number of symbols.
author: Alan Modra <amodra@gmail.com> 2020-03-22 20:29:16 +1030
committer: Alan Modra <amodra@gmail.com> 2020-03-22 23:22:13 +1030
commit: c15a8f173e9b01dd962ba857b7deb547d34bca5b (patch)
tree: d75c77c8aba51eb72985859da3a11e82758421e7 /bfd
parent: 57cb32b3c366585f7fafd6a741771ce826ba95f3 (diff)
download: gdb-c15a8f173e9b01dd962ba857b7deb547d34bca5b.zip
gdb-c15a8f173e9b01dd962ba857b7deb547d34bca5b.tar.gz
gdb-c15a8f173e9b01dd962ba857b7deb547d34bca5b.tar.bz2
2 files changed, 7 insertions, 2 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 62e564e..2e0abc8 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,8 @@
+2020-03-22  Alan Modra  <amodra@gmail.com>
+
+	* coff64-rs6000.c (xcoff64_slurp_armap): Ensure size is large
+	enough to read number of symbols.
+
 2020-03-20  H.J. Lu  <hongjiu.lu@intel.com>
 
 	* configure.ac (HAVE_EXECUTABLE_SUFFIX): Removed.
diff --git a/bfd/coff64-rs6000.c b/bfd/coff64-rs6000.c
index cca876e..d34e259 100644
--- a/bfd/coff64-rs6000.c
+++ b/bfd/coff64-rs6000.c
@@ -1933,9 +1933,9 @@ xcoff64_slurp_armap (bfd *abfd)
     return FALSE;
 
   sz = bfd_scan_vma (hdr.size, (const char **) NULL, 10);
-  if (sz == (bfd_size_type) -1)
+  if (sz + 1 < 9)
     {
-      bfd_set_error (bfd_error_no_memory);
+      bfd_set_error (bfd_error_bad_value);
       return FALSE;
     }
author	Alan Modra <amodra@gmail.com>	2020-03-22 20:29:16 +1030
committer	Alan Modra <amodra@gmail.com>	2020-03-22 23:22:13 +1030
commit	c15a8f173e9b01dd962ba857b7deb547d34bca5b (patch)
tree	d75c77c8aba51eb72985859da3a11e82758421e7 /bfd
parent	57cb32b3c366585f7fafd6a741771ce826ba95f3 (diff)
download	gdb-c15a8f173e9b01dd962ba857b7deb547d34bca5b.zip gdb-c15a8f173e9b01dd962ba857b7deb547d34bca5b.tar.gz gdb-c15a8f173e9b01dd962ba857b7deb547d34bca5b.tar.bz2