aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlan Modra <amodra@gmail.com>2021-05-05 13:33:00 +0930
committerAlan Modra <amodra@gmail.com>2021-05-05 13:35:45 +0930
commitc38c6234f2b2425431d28449f609172aa2de549c (patch)
tree68ade1fd8aa8de5e64191ed88181efb4c6095b52
parent5318ba65f8641ddc05e330c8545f9922cd3c48d6 (diff)
downloadgdb-c38c6234f2b2425431d28449f609172aa2de549c.zip
gdb-c38c6234f2b2425431d28449f609172aa2de549c.tar.gz
gdb-c38c6234f2b2425431d28449f609172aa2de549c.tar.bz2
asan: stack-buffer-overflow vms-lib.c:367
* vms-lib.c (vms_traverse_index): Account for vms_kbn size when sanity checking keylen.
-rw-r--r--bfd/ChangeLog5
-rw-r--r--bfd/vms-lib.c2
2 files changed, 6 insertions, 1 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 0eb8618..c574570 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,8 @@
+2021-05-05 Alan Modra <amodra@gmail.com>
+
+ * vms-lib.c (vms_traverse_index): Account for vms_kbn size when
+ sanity checking keylen.
+
2021-05-04 Nick Clifton <nickc@redhat.com>
* libbfd.c (bfd_malloc): Provide some documenation. Treat a size
diff --git a/bfd/vms-lib.c b/bfd/vms-lib.c
index dc23df3..55e6130 100644
--- a/bfd/vms-lib.c
+++ b/bfd/vms-lib.c
@@ -357,7 +357,7 @@ vms_traverse_index (bfd *abfd, unsigned int vbn, struct carsym_mem *cs,
return false;
kbn = (struct vms_kbn *)(kblk + koff);
klen = bfd_getl16 (kbn->keylen);
- if (klen > sizeof (kblk) - koff)
+ if (klen > sizeof (kblk) - sizeof (struct vms_kbn) - koff)
return false;
kvbn = bfd_getl32 (kbn->rfa.vbn);
koff = bfd_getl16 (kbn->rfa.offset);