diff options
| author | Nick Clifton <nickc@redhat.com> | 2021-09-07 11:47:08 +0100 |
|---|---|---|
| committer | Nick Clifton <nickc@redhat.com> | 2021-09-07 11:47:08 +0100 |
| commit | 9dc2f26777b07f9e5aa3220f7a680987ef79e75e (patch) | |
| tree | 12e1ac4726cd9bc7c88a2383ba586038b73d00e0 /bfd/elf32-xtensa.c | |
| parent | 540bf37b2539923dc70b96eea7cb870522ffd7ec (diff) | |
| download | gdb-9dc2f26777b07f9e5aa3220f7a680987ef79e75e.zip gdb-9dc2f26777b07f9e5aa3220f7a680987ef79e75e.tar.gz gdb-9dc2f26777b07f9e5aa3220f7a680987ef79e75e.tar.bz2 | |
Fix an illegal memory access triggered by an atempt to disassemble a corrupt xtensa binary.
PR 28305
* elf32-xtensa.c (elf_xtensa_do_reloc): Add check for put of range
reloc.
Diffstat (limited to 'bfd/elf32-xtensa.c')
| -rw-r--r-- | bfd/elf32-xtensa.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/bfd/elf32-xtensa.c b/bfd/elf32-xtensa.c index 7c5fb55..59f3dd5 100644 --- a/bfd/elf32-xtensa.c +++ b/bfd/elf32-xtensa.c @@ -1968,6 +1968,8 @@ elf_xtensa_do_reloc (reloc_howto_type *howto, return bfd_reloc_dangerous; } + if (input_size <= address) + return bfd_reloc_outofrange; /* Read the instruction into a buffer and decode the opcode. */ xtensa_insnbuf_from_chars (isa, ibuff, contents + address, input_size - address); |