diff options
author | Alan Modra <amodra@gmail.com> | 2021-08-05 19:22:08 +0930 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2021-08-05 20:47:09 +0930 |
commit | ddbe6976d51240c806488beb53b708858d8a3a67 (patch) | |
tree | f3b38d242b52a01e7283d37da11ab7f1c3adae6a | |
parent | 6ecfe4abfd14e9c04075435210ca383a1a0191ac (diff) | |
download | gdb-ddbe6976d51240c806488beb53b708858d8a3a67.zip gdb-ddbe6976d51240c806488beb53b708858d8a3a67.tar.gz gdb-ddbe6976d51240c806488beb53b708858d8a3a67.tar.bz2 |
PR28167, vms-alpha build_module_list
PR 28167
* vms-alpha.c (build_module_list): Malloc and free section contents.
Don't read past end of section.
-rw-r--r-- | bfd/vms-alpha.c | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/bfd/vms-alpha.c b/bfd/vms-alpha.c index bd49b7a..83a103a 100644 --- a/bfd/vms-alpha.c +++ b/bfd/vms-alpha.c @@ -4796,18 +4796,14 @@ build_module_list (bfd *abfd) bfd_size_type size = bfd_section_size (dmt); unsigned char *ptr, *end; - ptr = (unsigned char *) bfd_alloc (abfd, size); - if (! ptr) - return NULL; - - if (! bfd_get_section_contents (abfd, dmt, ptr, 0, size)) + if (! bfd_malloc_and_get_section (abfd, dmt, &ptr)) return NULL; vms_debug2 ((2, "DMT\n")); end = ptr + size; - while (ptr < end) + while (end - ptr >= DBG_S_C_DMT_HEADER_SIZE) { /* Each header declares a module with its start offset and size of debug info in the DST section, as well as the count of @@ -4825,7 +4821,7 @@ build_module_list (bfd *abfd) As a consequence, the actual debug info in the DST section is shared and can be parsed multiple times; that doesn't seem to cause problems in practice. */ - while (count-- > 0) + while (count-- > 0 && end - ptr >= DBG_S_C_DMT_PSECT_SIZE) { int start = bfd_getl32 (ptr + DBG_S_L_DMT_PSECT_START); int length = bfd_getl32 (ptr + DBG_S_L_DMT_PSECT_LENGTH); @@ -4842,6 +4838,7 @@ build_module_list (bfd *abfd) start, length)); } } + free (ptr); } else { |