diff options
author | Nick Clifton <nickc@redhat.com> | 2017-11-01 12:37:33 +0000 |
---|---|---|
committer | Nick Clifton <nickc@redhat.com> | 2017-11-01 12:37:33 +0000 |
commit | e0115a844607b280449986e661f551dff49a9031 (patch) | |
tree | 8a578bf4faf84a8da0310be072a72b7f13ec3a35 | |
parent | ee357486aa87b17782111295c5e7bd4ac9e6970f (diff) | |
download | gdb-e0115a844607b280449986e661f551dff49a9031.zip gdb-e0115a844607b280449986e661f551dff49a9031.tar.gz gdb-e0115a844607b280449986e661f551dff49a9031.tar.bz2 |
Update check for invalid values in pe_bfd_read_buildid function.
PR 22373
* peicode.h (pe_bfd_read_buildid): Revise check for invalid size
and offset in light of further possible bogus values.
-rw-r--r-- | bfd/ChangeLog | 6 | ||||
-rw-r--r-- | bfd/peicode.h | 5 |
2 files changed, 8 insertions, 3 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 662ef44..60fbc9c 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,9 @@ +2017-11-01 Nick Clifton <nickc@redhat.com> + + PR 22373 + * peicode.h (pe_bfd_read_buildid): Revise check for invalid size + and offset in light of further possible bogus values. + 2017-11-01 Alan Modra <amodra@gmail.com> PR 22374 diff --git a/bfd/peicode.h b/bfd/peicode.h index f3b759c..e5cacbd 100644 --- a/bfd/peicode.h +++ b/bfd/peicode.h @@ -1329,9 +1329,8 @@ pe_bfd_read_buildid (bfd *abfd) /* PR 20605 and 22373: Make sure that the data is really there. Note - since we are dealing with unsigned quantities we have to be careful to check for potential overflows. */ - if (dataoff > section->size - || size > section->size - || dataoff + size > section->size) + if (dataoff >= section->size + || size > section->size - dataoff) { _bfd_error_handler (_("%B: Error: Debug Data ends beyond end of debug directory."), abfd); |