diff options
author | Alan Modra <amodra@gmail.com> | 2021-05-05 13:33:00 +0930 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2021-05-05 13:35:45 +0930 |
commit | c38c6234f2b2425431d28449f609172aa2de549c (patch) | |
tree | 68ade1fd8aa8de5e64191ed88181efb4c6095b52 | |
parent | 5318ba65f8641ddc05e330c8545f9922cd3c48d6 (diff) | |
download | gdb-c38c6234f2b2425431d28449f609172aa2de549c.zip gdb-c38c6234f2b2425431d28449f609172aa2de549c.tar.gz gdb-c38c6234f2b2425431d28449f609172aa2de549c.tar.bz2 |
asan: stack-buffer-overflow vms-lib.c:367
* vms-lib.c (vms_traverse_index): Account for vms_kbn size when
sanity checking keylen.
-rw-r--r-- | bfd/ChangeLog | 5 | ||||
-rw-r--r-- | bfd/vms-lib.c | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 0eb8618..c574570 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,8 @@ +2021-05-05 Alan Modra <amodra@gmail.com> + + * vms-lib.c (vms_traverse_index): Account for vms_kbn size when + sanity checking keylen. + 2021-05-04 Nick Clifton <nickc@redhat.com> * libbfd.c (bfd_malloc): Provide some documenation. Treat a size diff --git a/bfd/vms-lib.c b/bfd/vms-lib.c index dc23df3..55e6130 100644 --- a/bfd/vms-lib.c +++ b/bfd/vms-lib.c @@ -357,7 +357,7 @@ vms_traverse_index (bfd *abfd, unsigned int vbn, struct carsym_mem *cs, return false; kbn = (struct vms_kbn *)(kblk + koff); klen = bfd_getl16 (kbn->keylen); - if (klen > sizeof (kblk) - koff) + if (klen > sizeof (kblk) - sizeof (struct vms_kbn) - koff) return false; kvbn = bfd_getl32 (kbn->rfa.vbn); koff = bfd_getl16 (kbn->rfa.offset); |