aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Clifton <nickc@redhat.com>2014-10-31 18:00:55 +0000
committerNick Clifton <nickc@redhat.com>2014-10-31 18:00:55 +0000
commit690725fa0d98ae52c991f4b3ea58b6b47b4fbc80 (patch)
treebf814edbe98ad8ecce2cec83644efe9b8af7acf0
parentf54498b45795194df671207c6ef3d6cd6d0c0ebb (diff)
downloadgdb-690725fa0d98ae52c991f4b3ea58b6b47b4fbc80.zip
gdb-690725fa0d98ae52c991f4b3ea58b6b47b4fbc80.tar.gz
gdb-690725fa0d98ae52c991f4b3ea58b6b47b4fbc80.tar.bz2
Fix an (almost) infinite loop in the tekhex parser.
PR binutils/17512 * tekhex.c (first_phase): Check that the section range is sane.
-rw-r--r--bfd/ChangeLog1
-rw-r--r--bfd/tekhex.c3
2 files changed, 4 insertions, 0 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index accbcc9..d861257 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -5,6 +5,7 @@
symbol table bigger than the file.
* elf.c (bfd_elf_get_str_section): Do not try to load a string
table bigger than the file.
+ * tekhex.c (first_phase): Check that the section range is sane.
2014-10-30 Nick Clifton <nickc@redhat.com>
diff --git a/bfd/tekhex.c b/bfd/tekhex.c
index 2220d50..85f5593 100644
--- a/bfd/tekhex.c
+++ b/bfd/tekhex.c
@@ -403,6 +403,9 @@ first_phase (bfd *abfd, int type, char *src)
if (!getvalue (&src, &val))
return FALSE;
section->size = val - section->vma;
+ /* PR binutils/17512: Make sure that the size is sane. */
+ if (section->size > (bfd_size_type) bfd_get_size (abfd))
+ return FALSE;
section->flags = SEC_HAS_CONTENTS | SEC_LOAD | SEC_ALLOC;
break;
case '0':