diff options
| author | Nick Clifton <nickc@redhat.com> | 2019-08-05 10:40:35 +0100 |
|---|---|---|
| committer | Nick Clifton <nickc@redhat.com> | 2019-08-05 10:40:35 +0100 |
| commit | e17869db99195849826eaaf5d2d0eb2cfdd7a2a7 (patch) | |
| tree | f2fa1a8ea84149112d7aba413ece7185ed09ad82 | |
| parent | 2b79f3761c834cd217407f75f867f6a761703ab3 (diff) | |
| download | gdb-e17869db99195849826eaaf5d2d0eb2cfdd7a2a7.zip gdb-e17869db99195849826eaaf5d2d0eb2cfdd7a2a7.tar.gz gdb-e17869db99195849826eaaf5d2d0eb2cfdd7a2a7.tar.bz2 | |
Catch potential integer overflow in readelf when processing corrupt binaries.
PR 24829
* readelf.c (apply_relocations): Catch potential integer overflow
whilst checking reloc location against section size.
| -rw-r--r-- | binutils/ChangeLog | 6 | ||||
| -rw-r--r-- | binutils/readelf.c | 2 |
2 files changed, 7 insertions, 1 deletions
diff --git a/binutils/ChangeLog b/binutils/ChangeLog index f3dc48c..22a7828 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog @@ -1,3 +1,9 @@ +2019-08-05 Nick Clifton <nickc@redhat.com> + + PR 24829 + * readelf.c (apply_relocations): Catch potential integer overflow + whilst checking reloc location against section size. + 2019-08-02 Alan Modra <amodra@gmail.com> PR 24871 diff --git a/binutils/readelf.c b/binutils/readelf.c index b896ad9..e785fde 100644 --- a/binutils/readelf.c +++ b/binutils/readelf.c @@ -13366,7 +13366,7 @@ apply_relocations (Filedata * filedata, } rloc = start + rp->r_offset; - if ((rloc + reloc_size) > end || (rloc < start)) + if (rloc >= end || (rloc + reloc_size) > end || (rloc < start)) { warn (_("skipping invalid relocation offset 0x%lx in section %s\n"), (unsigned long) rp->r_offset, |