diff options
author | Alan Modra <amodra@gmail.com> | 2016-09-26 17:55:08 +0930 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2016-09-26 18:02:44 +0930 |
commit | 7358f4cbaf3c6fafbbbc9703a5e2884470643bfa (patch) | |
tree | 93a9d9e5ee6ee789b6f4624536e3530c4279dc88 | |
parent | edeeb6024373d865284903f0b96b9811afde0441 (diff) | |
download | gdb-7358f4cbaf3c6fafbbbc9703a5e2884470643bfa.zip gdb-7358f4cbaf3c6fafbbbc9703a5e2884470643bfa.tar.gz gdb-7358f4cbaf3c6fafbbbc9703a5e2884470643bfa.tar.bz2 |
Fix nm potential buffer overflow
get_coff_symbol_type had a potenial buffer overflow even with
untranslated messages.
* nm.c (get_elf_symbol_type): Don't use sprintf with translated
strings, use asprintf instead.
(get_coff_symbol_type): Likewise.
-rw-r--r-- | binutils/ChangeLog | 6 | ||||
-rw-r--r-- | binutils/nm.c | 36 |
2 files changed, 28 insertions, 14 deletions
diff --git a/binutils/ChangeLog b/binutils/ChangeLog index 1b86161..edb8cd6 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog @@ -1,3 +1,9 @@ +2016-09-26 Alan Modra <amodra@gmail.com> + + * nm.c (get_elf_symbol_type): Don't use sprintf with translated + strings, use asprintf instead. + (get_coff_symbol_type): Likewise. + 2016-09-19 Alan Modra <amodra@gmail.com> * nm.c (print_symbol): Remove is_synthetic param. Test sym->flags diff --git a/binutils/nm.c b/binutils/nm.c index 40e5053..1fdfae1 100644 --- a/binutils/nm.c +++ b/binutils/nm.c @@ -342,7 +342,8 @@ set_output_format (char *f) static const char * get_elf_symbol_type (unsigned int type) { - static char buff [32]; + static char *bufp; + int n; switch (type) { @@ -353,21 +354,25 @@ get_elf_symbol_type (unsigned int type) case STT_FILE: return "FILE"; case STT_COMMON: return "COMMON"; case STT_TLS: return "TLS"; - default: - if (type >= STT_LOPROC && type <= STT_HIPROC) - sprintf (buff, _("<processor specific>: %d"), type); - else if (type >= STT_LOOS && type <= STT_HIOS) - sprintf (buff, _("<OS specific>: %d"), type); - else - sprintf (buff, _("<unknown>: %d"), type); - return buff; } + + free (bufp); + if (type >= STT_LOPROC && type <= STT_HIPROC) + n = asprintf (&bufp, _("<processor specific>: %d"), type); + else if (type >= STT_LOOS && type <= STT_HIOS) + n = asprintf (&bufp, _("<OS specific>: %d"), type); + else + n = asprintf (&bufp, _("<unknown>: %d"), type); + if (n < 0) + fatal ("%s", xstrerror (errno)); + return bufp; } static const char * get_coff_symbol_type (const struct internal_syment *sym) { - static char buff [32]; + static char *bufp; + int n; switch (sym->n_sclass) { @@ -378,16 +383,19 @@ get_coff_symbol_type (const struct internal_syment *sym) if (!sym->n_type) return "None"; - + switch (DTYPE(sym->n_type)) { case DT_FCN: return "Function"; case DT_PTR: return "Pointer"; case DT_ARY: return "Array"; } - - sprintf (buff, _("<unknown>: %d/%d"), sym->n_sclass, sym->n_type); - return buff; + + free (bufp); + n = asprintf (&bufp, _("<unknown>: %d/%d"), sym->n_sclass, sym->n_type); + if (n < 0) + fatal ("%s", xstrerror (errno)); + return bufp; } /* Print symbol name NAME, read from ABFD, with printf format FORM, |