aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Clifton <nickc@redhat.com>2020-01-03 16:17:53 +0000
committerNick Clifton <nickc@redhat.com>2020-01-03 16:17:53 +0000
commitf2a3559d54602cecfec6d90f792be4a70ad918ab (patch)
tree6b09fb76e0f1b3b0e22c8020851cd3010bbbd4d4
parent7a0fb7be96e0ce79e1ae429bc1ba913e5244d537 (diff)
downloadgdb-f2a3559d54602cecfec6d90f792be4a70ad918ab.zip
gdb-f2a3559d54602cecfec6d90f792be4a70ad918ab.tar.gz
gdb-f2a3559d54602cecfec6d90f792be4a70ad918ab.tar.bz2
Fix potential illegal memory access when parsing a corrupt PEF format file.
PR 25307 (bfd_pef_parse_function_stubs): Correct the test that ensures that there is enough data remaining in the code buffer before attempting to read a function stub.
-rw-r--r--bfd/ChangeLog7
-rw-r--r--bfd/pef.c2
2 files changed, 8 insertions, 1 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 7fb5bca..0ad28a7 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,5 +1,12 @@
2020-01-03 Nick Clifton <nickc@redhat.com>
+ PR 25307
+ (bfd_pef_parse_function_stubs): Correct the test that ensures that
+ there is enough data remaining in the code buffer before
+ attempting to read a function stub.
+
+2020-01-03 Nick Clifton <nickc@redhat.com>
+
PR 25308
* elf-properties.c (_bfd_elf_convert_gnu_properties): Check the
return value from bfd_malloc.
diff --git a/bfd/pef.c b/bfd/pef.c
index 726b8d7..574d9bc 100644
--- a/bfd/pef.c
+++ b/bfd/pef.c
@@ -806,7 +806,7 @@ bfd_pef_parse_function_stubs (bfd *abfd,
codepos += 4;
}
- if ((codepos + 4) > codelen)
+ if ((codepos + 24) > codelen)
break;
ret = bfd_pef_parse_function_stub (abfd, codebuf + codepos, 24, &sym_index);