diff options
| author | Alan Modra <amodra@gmail.com> | 2014-11-19 19:10:49 +1030 |
|---|---|---|
| committer | Alan Modra <amodra@gmail.com> | 2014-11-26 13:29:29 +1030 |
| commit | 601a03ba3d521989584a1f8abd5678040e0218cf (patch) | |
| tree | ef07ef784834e0b3cd7ca9e5879f23e54c0eb405 /bfd/ChangeLog | |
| parent | a3e60ddb0b43a3aed32f2982d472ab305c7e8f67 (diff) | |
| download | gdb-601a03ba3d521989584a1f8abd5678040e0218cf.zip gdb-601a03ba3d521989584a1f8abd5678040e0218cf.tar.gz gdb-601a03ba3d521989584a1f8abd5678040e0218cf.tar.bz2 | |
_bfd_elf_slurp_version_tables tidy
The internal verref buffer is allocated with bfd_zalloc, based on a
count given in headers. If the headers are broken/fuzzed and contain
an enormous count the alloc can result in OOM. If we first read the
external verrefs (into a buffer that isn't zeroed on allocation) then
the read provides a sanity check on the headers.
Also prints an error for version info that fails other sanity checks.
* elf.c (_bfd_elf_slurp_version_tables): Delay allocation of
internal verref buffer. Error for zero sh_info. Print errors.
Check for zero vd_ndx. Use bfd_zalloc for vd_auxptr buffer.
Diffstat (limited to 'bfd/ChangeLog')
| -rw-r--r-- | bfd/ChangeLog | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 54942a1..d188bd7 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,9 @@ +2014-11-26 Alan Modra <amodra@gmail.com> + + * elf.c (_bfd_elf_slurp_version_tables): Delay allocation of + internal verref buffer. Error for zero sh_info. Print errors. + Check for zero vd_ndx. Use bfd_zalloc for vd_auxptr buffer. + 2014-11-25 H.J. Lu <hongjiu.lu@intel.com> * targets.c (BFD_JUMP_TABLE_SYMBOLS): Use |