From 644c4c80f9dd4e06eb9cae2ae391e2b4f2b36fff Mon Sep 17 00:00:00 2001
From: Richard Sandiford
Date: Thu, 6 Jun 2002 09:24:56 +0000
Subject: * stabs.c (_bfd_link_section_stabs): Check that the symbol offset is within the .stabstr section.
---
 bfd/ChangeLog | 5 +++++
 bfd/stabs.c | 16 +++++++++++++---
 2 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 772c075..51f9a90 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,8 @@
+2002-06-06 Richard Sandiford
+
+ * stabs.c (_bfd_link_section_stabs): Check that the symbol offset
+ is within the .stabstr section.
+
 2002-06-06 Alan Modra * elf-bfd.h (struct elf_size_info ): Function args
diff --git a/bfd/stabs.c b/bfd/stabs.c
index bba4a6d..e225d9c 100644
--- a/bfd/stabs.c
+++ b/bfd/stabs.c
@@ -284,6 +284,7 @@ _bfd_link_section_stabs (abfd, psinfo, stabsec, stabstrsec, psecinfo)
 sym < symend; sym += STABSIZE, ++pstridx) {
+ bfd_size_type symstroff;
 int type; const char *string;
@@ -311,9 +312,18 @@ _bfd_link_section_stabs (abfd, psinfo, stabsec, stabstrsec, psecinfo)
 } /* Store the string in the hash table, and record the index. */
- string = ((char *) stabstrbuf
- + stroff
- + bfd_get_32 (abfd, sym + STRDXOFF));
+ symstroff = stroff + bfd_get_32 (abfd, sym + STRDXOFF);
+ if (symstroff >= stabstrsec->_raw_size)
+ {
+ (*_bfd_error_handler)
+ (_("%s(%s+0x%lx): Stabs entry has invalid string index."),
+ bfd_archive_filename (abfd),
+ bfd_get_section_name (abfd, stabsec),
+ (long) (sym - stabbuf));
+ bfd_set_error (bfd_error_bad_value);
+ goto error_return;
+ }
+ string = (char *) stabstrbuf + symstroff;
 *pstridx = _bfd_stringtab_add (sinfo->strings, string, true, true); /* An N_BINCL symbol indicates the start of the stabs entries
--
cgit v1.1
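Review bot: The new `symstroff >= stabstrsec->_raw_size` test in the second stabs.c hunk only proves that the string starts inside .stabstr, not that it ends there. `string` is then passed to `_bfd_stringtab_add`, which presumably scans for a NUL, so an entry pointing into an unterminated tail of the section could still be read past `stabstrbuf` unless that buffer is allocated with a trailing zero byte (the allocation is outside this hunk). I would extend the condition to reject such entries as well, e.g. `|| memchr (stabstrbuf + symstroff, 0, stabstrsec->_raw_size - symstroff) == NULL`. The sum `stroff + bfd_get_32 (abfd, sym + STRDXOFF)` may also wrap on hosts where `bfd_size_type` is 32 bits wide, letting a very large index pass the comparison; a comment stating the assumed width, or a separate range check on the index before the addition, would close that gap. The loop body of `_bfd_link_section_stabs` starts and ends outside the hunk.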