author Alan Modra <amodra@gmail.com> 2022-10-27 16:01:17 +1030
committer Alan Modra <amodra@gmail.com> 2022-10-27 17:56:51 +1030
commit ffbe89531c2e9bfd81a16241e1d17fff134fab9e (patch)
tree ff2b5460d7354a8840f7aa49e26fe44ca025ec53
parent 686657b66cdfa4834806d33ed0435650e00905e8 (diff)
Fuzzed files in archives
Given a fuzzed object file in an archive with section size exceeding file size, objcopy will report an error like "section size (0xfeffffff bytes) is larger than file size (0x17a bytes)" but will create a copy of the object laid out for the large section. That means a large temporary file on disk that is read back and written to the output archive, which can take a while. The output archive is then deleted due to the error. Avoid some of this silliness.

* objcopy.c (copy_section): If section contents cannot be read set output section size to zero.
-rw-r--r-- binutils/objcopy.c 1
1 files changed, 1 insertions, 0 deletions
diff --git a/binutils/objcopy.c b/binutils/objcopy.c
index 6ffbdf9..d20aaef 100644
--- a/binutils/objcopy.c
+++ b/binutils/objcopy.c
@@ -4418,6 +4418,7 @@ copy_section (bfd *ibfd, sec_ptr isection, void *obfdarg)
|| !bfd_convert_section_contents (ibfd, isection, obfd,
&memhunk, &size))
{
+ bfd_set_section_size (osection, 0);
status = 1;
bfd_nonfatal_message (NULL, ibfd, isection, NULL);
free (memhunk);
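Review bot: the added `bfd_set_section_size (osection, 0);` at the top of the failure block carries no comment, and its return value is discarded. A one-line comment giving the reason from the commit message (the output section is zeroed so the copy is not laid out for contents that could not be read) would keep the intent next to the code. If the call can fail at this point the failure is silently lost; with `status = 1` already set on this path that is probably acceptable, but it should be made explicit, for example with a `(void)` cast or a note in that comment.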