file size check in _bfd_alloc_and_read

	* coffgen.c (_bfd_coff_get_external_symbols): Remove file size check.
	* elf.c (bfd_elf_get_str_section): Likewise.
	(_bfd_elf_slurp_version_tables): Likewise.
	* libbfd-in.h (_bfd_constant_p): Define.
	(_bfd_alloc_and_read, _bfd_malloc_and_read): Check read size against
	file size before allocating memory.
	* libbfd.h: Regenerate.

1 files changed, 28 insertions, 2 deletions

diff --git a/bfd/libbfd.h b/bfd/libbfd.h
index 77c6630..2391500 100644
--- a/bfd/libbfd.h
+++ b/bfd/libbfd.h
@@ -909,10 +909,26 @@ extern bfd_vma _bfd_safe_read_leb128
   ((*res) = (a), (*res) *= (b), (b) != 0 && (*res) / (b) != (a))
 #endif
 
+#ifdef __GNUC__
+#define _bfd_constant_p(v) __builtin_constant_p (v)
+#else
+#define _bfd_constant_p(v) 0
+#endif
+
 static inline bfd_byte *
 _bfd_alloc_and_read (bfd *abfd, bfd_size_type asize, bfd_size_type rsize)
 {
-  bfd_byte *mem = bfd_alloc (abfd, asize);
+  bfd_byte *mem;
+  if (!_bfd_constant_p (rsize))
+    {
+      ufile_ptr filesize = bfd_get_file_size (abfd);
+      if (filesize != 0 && rsize > filesize)
+	{
+	  bfd_set_error (bfd_error_file_truncated);
+	  return NULL;
+	}
+    }
+  mem = bfd_alloc (abfd, asize);
   if (mem != NULL)
     {
       if (bfd_bread (mem, rsize, abfd) == rsize)
@@ -925,7 +941,17 @@ _bfd_alloc_and_read (bfd *abfd, bfd_size_type asize, bfd_size_type rsize)
 static inline bfd_byte *
 _bfd_malloc_and_read (bfd *abfd, bfd_size_type asize, bfd_size_type rsize)
 {
-  bfd_byte *mem = bfd_malloc (asize);
+  bfd_byte *mem;
+  if (!_bfd_constant_p (rsize))
+    {
+      ufile_ptr filesize = bfd_get_file_size (abfd);
+      if (filesize != 0 && rsize > filesize)
+	{
+	  bfd_set_error (bfd_error_file_truncated);
+	  return NULL;
+	}
+    }
+  mem = bfd_malloc (asize);
   if (mem != NULL)
     {
       if (bfd_bread (mem, rsize, abfd) == rsize)