aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Clifton <nickc@redhat.com>2015-02-13 12:14:05 +0000
committerNick Clifton <nickc@redhat.com>2015-02-13 12:14:05 +0000
commit951eaaec17411eba4debe19781f6b8b54306256e (patch)
tree1be6fd05bc2f063241cddccb211b06acfc99290b
parentf641dd969f91a83adf319b269c2411141b0a26a9 (diff)
downloadgdb-951eaaec17411eba4debe19781f6b8b54306256e.zip
gdb-951eaaec17411eba4debe19781f6b8b54306256e.tar.gz
gdb-951eaaec17411eba4debe19781f6b8b54306256e.tar.bz2
Fix illegal memory access errors triggered by running srconv on fuzzed binaries.
PR binutils/17512 * dwarf.c (read_leb128): Fix test for shift becoming too large. * coffgrok.c (do_define): Add check for type size overflow. * srconv.c (walk_tree_sfile): Check that enough sections are available before parsing. (prescan): Likewise.
-rw-r--r--binutils/ChangeLog10
-rw-r--r--binutils/coffgrok.c6
-rw-r--r--binutils/srconv.c6
3 files changed, 17 insertions, 5 deletions
diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index 9b835dd..4325f3a 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,13 @@
+2015-02-13 Nick Clifton <nickc@redhat.com>
+
+ PR binutils/17512
+ * dwarf.c (read_leb128): Fix test for shift becoming too large.
+
+ * coffgrok.c (do_define): Add check for type size overflow.
+ * srconv.c (walk_tree_sfile): Check that enough sections are
+ available before parsing.
+ (prescan): Likewise.
+
2015-02-13 Alan Modra <amodra@gmail.com>
* dwarf.c: Formatting, whitespace.
diff --git a/binutils/coffgrok.c b/binutils/coffgrok.c
index 2bbfdc4..0b953e8 100644
--- a/binutils/coffgrok.c
+++ b/binutils/coffgrok.c
@@ -668,12 +668,10 @@ do_define (unsigned int i, struct coff_scope *b)
if (!is->init)
{
- long high = s->where->offset + s->type->size;
-
is->low = s->where->offset;
- is->high = high;
+ is->high = s->where->offset + s->type->size;
/* PR 17512: file: 37e7a80d. */
- if (is->high != high)
+ if (is->high < s->where->offset)
fatal (_("Out of range type size: %u"), s->type->size);
is->init = 1;
is->parent = s->where->section;
diff --git a/binutils/srconv.c b/binutils/srconv.c
index 63c6940..7abbb66 100644
--- a/binutils/srconv.c
+++ b/binutils/srconv.c
@@ -1204,6 +1204,8 @@ walk_tree_sfile (struct coff_section *section, struct coff_sfile *sfile)
static void
wr_program_structure (struct coff_ofile *p, struct coff_sfile *sfile)
{
+ if (p->nsections < 4)
+ return;
walk_tree_sfile (p->sections + 4, sfile);
}
@@ -1705,6 +1707,9 @@ prescan (struct coff_ofile *otree)
struct coff_symbol *s;
struct coff_section *common_section;
+ if (otree->nsections < 3)
+ return;
+
/* Find the common section - always section 3. */
common_section = otree->sections + 3;
@@ -1715,7 +1720,6 @@ prescan (struct coff_ofile *otree)
if (s->visible->type == coff_vis_common)
{
struct coff_where *w = s->where;
-
/* s->visible->type = coff_vis_ext_def; leave it as common */
common_section->size = align (common_section->size);
w->offset = common_section->size + common_section->address;