aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Clifton <nickc@redhat.com>2017-02-13 17:51:27 +0000
committerNick Clifton <nickc@redhat.com>2017-02-13 17:51:27 +0000
commitd11135f55294d75099ad03f81bacbe8ae93a6b28 (patch)
treed7d10c037eaf7cc5341ad3aff16fd5b1882dbdc2
parent3c6452ae8df5a4707c77aacc514a3a95bf3f24b7 (diff)
downloadgdb-d11135f55294d75099ad03f81bacbe8ae93a6b28.zip
gdb-d11135f55294d75099ad03f81bacbe8ae93a6b28.tar.gz
gdb-d11135f55294d75099ad03f81bacbe8ae93a6b28.tar.bz2
Fix invalid memory access in the BFD library's DWARF parser.
PR binutils/21151 * dwarf2.c (_bfd_dwarf2_find_nearest_line): Check for an invalid unit length field.
-rw-r--r--bfd/ChangeLog6
-rw-r--r--bfd/dwarf2.c4
2 files changed, 10 insertions, 0 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index f21d654..1c3d701 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2017-02-13 Nick Clifton <nickc@redhat.com>
+
+ PR binutils/21151
+ * dwarf2.c (_bfd_dwarf2_find_nearest_line): Check for an invalid
+ unit length field.
+
2017-02-07 Andrew Waterman <andrew@sifive.com>
* elfnn-riscv.c (riscv_elf_finish_dynamic_sections): Only write PLT
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
index 3699587..6b111d3 100644
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -4294,6 +4294,10 @@ _bfd_dwarf2_find_nearest_line (bfd *abfd,
{
bfd_byte * new_ptr;
+ /* PR 21151 */
+ if (stash->info_ptr + length > stash->info_ptr_end)
+ return FALSE;
+
each = parse_comp_unit (stash, length, info_ptr_unit,
offset_size);
if (!each)