aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Clifton <nickc@redhat.com>2017-11-01 12:37:33 +0000
committerNick Clifton <nickc@redhat.com>2017-11-01 12:37:33 +0000
commite0115a844607b280449986e661f551dff49a9031 (patch)
tree8a578bf4faf84a8da0310be072a72b7f13ec3a35
parentee357486aa87b17782111295c5e7bd4ac9e6970f (diff)
downloadgdb-e0115a844607b280449986e661f551dff49a9031.zip
gdb-e0115a844607b280449986e661f551dff49a9031.tar.gz
gdb-e0115a844607b280449986e661f551dff49a9031.tar.bz2
Update check for invalid values in pe_bfd_read_buildid function.
PR 22373 * peicode.h (pe_bfd_read_buildid): Revise check for invalid size and offset in light of further possible bogus values.
-rw-r--r--bfd/ChangeLog6
-rw-r--r--bfd/peicode.h5
2 files changed, 8 insertions, 3 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 662ef44..60fbc9c 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2017-11-01 Nick Clifton <nickc@redhat.com>
+
+ PR 22373
+ * peicode.h (pe_bfd_read_buildid): Revise check for invalid size
+ and offset in light of further possible bogus values.
+
2017-11-01 Alan Modra <amodra@gmail.com>
PR 22374
diff --git a/bfd/peicode.h b/bfd/peicode.h
index f3b759c..e5cacbd 100644
--- a/bfd/peicode.h
+++ b/bfd/peicode.h
@@ -1329,9 +1329,8 @@ pe_bfd_read_buildid (bfd *abfd)
/* PR 20605 and 22373: Make sure that the data is really there.
Note - since we are dealing with unsigned quantities we have
to be careful to check for potential overflows. */
- if (dataoff > section->size
- || size > section->size
- || dataoff + size > section->size)
+ if (dataoff >= section->size
+ || size > section->size - dataoff)
{
_bfd_error_handler (_("%B: Error: Debug Data ends beyond end of debug directory."),
abfd);