From 4931146e91c3c8208f1e0b8462b8f33e70da506a Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Thu, 28 Jul 2016 15:37:16 +0100
Subject: Fix decoding of Windows resources.

	PR binutils/17512
	* rescoff.c (read_coff_res_dir): Fix detection of buffer overrun.
	* resbin.c (bin_to_res_version): Allow for the padded length of a
	version block to be longer than the recorded length.  Skip padding
	bytes.
---
 binutils/rescoff.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'binutils/rescoff.c')

diff --git a/binutils/rescoff.c b/binutils/rescoff.c
index 74a61a7..9151eab 100644
--- a/binutils/rescoff.c
+++ b/binutils/rescoff.c
@@ -249,7 +249,7 @@ read_coff_res_dir (windres_bfd *wrbfd, const bfd_byte *data,
       for (j = 0; j < length; j++)
 	{
 	  /* PR 17512: file: 05dc4a16.  */
-	  if (length < 0 || ers >= (bfd_byte *) ere || ers + j * 2 + 4 >= (bfd_byte *) ere)
+	  if (length < 0 || ers >= flaginfo->data_end || ers + j * 2 + 4 >= flaginfo->data_end)
 	    overrun (flaginfo, _("resource name"));
 	  re->id.u.n.name[j] = windres_get_16 (wrbfd, ers + j * 2 + 2, 2);
 	}
-- 
cgit v1.1