diff options
| author | Alan Modra <amodra@gmail.com> | 2020-02-25 12:48:43 +1030 |
|---|---|---|
| committer | Alan Modra <amodra@gmail.com> | 2020-02-26 10:37:13 +1030 |
| commit | b570b954bc5c1d6a6edb363c7bdba814bc1fd174 (patch) | |
| tree | a7afa03ea8b4b9383264005d4f29413931a7468d /bfd/ChangeLog | |
| parent | 24a15046c0ccc7fb7b95da1bb72fa66ad6bf6382 (diff) | |
| download | gdb-b570b954bc5c1d6a6edb363c7bdba814bc1fd174.zip gdb-b570b954bc5c1d6a6edb363c7bdba814bc1fd174.tar.gz gdb-b570b954bc5c1d6a6edb363c7bdba814bc1fd174.tar.bz2 | |
Limit bogus archive parsed_size
Archive element size is given by data in the archive, and thus is
subject to attack by fuzzers. The only harm this allows is allocation
of huge amounts of memory, but some systems don't handle that well.
So limit archive element size to archive file size.
* bfdio.c (bfd_get_file_size): Ignore bogus archive element sizes.
Diffstat (limited to 'bfd/ChangeLog')
| -rw-r--r-- | bfd/ChangeLog | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 7e8e454..5855df7 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,7 @@ +2020-02-26 Alan Modra <amodra@gmail.com> + + * bfdio.c (bfd_get_file_size): Ignore bogus archive element sizes. + 2020-02-25 H.J. Lu <hongjiu.lu@intel.com> PR binutils/25584 |