diff options
author | Alan Modra <amodra@gmail.com> | 2023-03-06 10:43:16 +1030 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2023-03-06 13:11:22 +1030 |
commit | d919194f08518c8bb9904f76c1077c4ac2037475 (patch) | |
tree | b2da32a099f77e80674cad68b145cfcd02457c29 | |
parent | ffdfc835ddd5e3eb7254aef9f003020d968be5b7 (diff) | |
download | binutils-d919194f08518c8bb9904f76c1077c4ac2037475.zip binutils-d919194f08518c8bb9904f76c1077c4ac2037475.tar.gz binutils-d919194f08518c8bb9904f76c1077c4ac2037475.tar.bz2 |
Correct odd loop in ecoff lookup_line
I can't see why this really odd looking loop was written the way it
was in commit a877f5917f90, but it can result in a buffer overrun.
* ecofflink.c (lookup_line): Don't swap in pdr at pdr_end.
-rw-r--r-- | bfd/ecofflink.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/bfd/ecofflink.c b/bfd/ecofflink.c index 422ce57..00f1e3d 100644 --- a/bfd/ecofflink.c +++ b/bfd/ecofflink.c @@ -2093,7 +2093,7 @@ lookup_line (bfd *abfd, because we iterate over every FDR rather than just ones with a base address less than or equal to 'offset'. */ bfd_signed_vma dist = -1, min_dist = -1; - char *pdr_hold; + char *pdr_hold = NULL; char *pdr_end; fdr_ptr = tab[i].fdr; @@ -2101,17 +2101,14 @@ lookup_line (bfd *abfd, pdr_ptr = ((char *) debug_info->external_pdr + fdr_ptr->ipdFirst * external_pdr_size); pdr_end = pdr_ptr + fdr_ptr->cpd * external_pdr_size; - (*debug_swap->swap_pdr_in) (abfd, pdr_ptr, &pdr); /* Find PDR that is closest to OFFSET. If pdr.prof is set, the procedure entry-point *may* be 0x10 below pdr.adr. We simply pretend that pdr.prof *implies* a lower entry-point. This is safe because it just means that may identify 4 NOPs in front of the function as belonging to the function. */ - for (pdr_hold = NULL; - pdr_ptr < pdr_end; - (pdr_ptr += external_pdr_size, - (*debug_swap->swap_pdr_in) (abfd, pdr_ptr, &pdr))) + for (; pdr_ptr < pdr_end; pdr_ptr += external_pdr_size) { + (*debug_swap->swap_pdr_in) (abfd, pdr_ptr, &pdr); if (offset >= (pdr.adr - 0x10 * pdr.prof)) { dist = offset - (pdr.adr - 0x10 * pdr.prof); |