aboutsummaryrefslogtreecommitdiff
path: root/bfd/libbfd.h
diff options
context:
space:
mode:
authorAlan Modra <amodra@gmail.com>2020-02-19 13:22:39 +1030
committerAlan Modra <amodra@gmail.com>2020-02-19 14:00:55 +1030
commit2c7c5554df19e410ea3a7d78b0c1435967a4bc62 (patch)
treeef0005f480637a4a474d1b23ff632caae8bf129c /bfd/libbfd.h
parent2bb3687ba8720558082d1575823868286d7916b5 (diff)
downloadgdb-2c7c5554df19e410ea3a7d78b0c1435967a4bc62.zip
gdb-2c7c5554df19e410ea3a7d78b0c1435967a4bc62.tar.gz
gdb-2c7c5554df19e410ea3a7d78b0c1435967a4bc62.tar.bz2
file size check in _bfd_alloc_and_read
* coffgen.c (_bfd_coff_get_external_symbols): Remove file size check. * elf.c (bfd_elf_get_str_section): Likewise. (_bfd_elf_slurp_version_tables): Likewise. * libbfd-in.h (_bfd_constant_p): Define. (_bfd_alloc_and_read, _bfd_malloc_and_read): Check read size against file size before allocating memory. * libbfd.h: Regenerate.
Diffstat (limited to 'bfd/libbfd.h')
-rw-r--r--bfd/libbfd.h30
1 files changed, 28 insertions, 2 deletions
diff --git a/bfd/libbfd.h b/bfd/libbfd.h
index 77c6630..2391500 100644
--- a/bfd/libbfd.h
+++ b/bfd/libbfd.h
@@ -909,10 +909,26 @@ extern bfd_vma _bfd_safe_read_leb128
((*res) = (a), (*res) *= (b), (b) != 0 && (*res) / (b) != (a))
#endif
+#ifdef __GNUC__
+#define _bfd_constant_p(v) __builtin_constant_p (v)
+#else
+#define _bfd_constant_p(v) 0
+#endif
+
static inline bfd_byte *
_bfd_alloc_and_read (bfd *abfd, bfd_size_type asize, bfd_size_type rsize)
{
- bfd_byte *mem = bfd_alloc (abfd, asize);
+ bfd_byte *mem;
+ if (!_bfd_constant_p (rsize))
+ {
+ ufile_ptr filesize = bfd_get_file_size (abfd);
+ if (filesize != 0 && rsize > filesize)
+ {
+ bfd_set_error (bfd_error_file_truncated);
+ return NULL;
+ }
+ }
+ mem = bfd_alloc (abfd, asize);
if (mem != NULL)
{
if (bfd_bread (mem, rsize, abfd) == rsize)
@@ -925,7 +941,17 @@ _bfd_alloc_and_read (bfd *abfd, bfd_size_type asize, bfd_size_type rsize)
static inline bfd_byte *
_bfd_malloc_and_read (bfd *abfd, bfd_size_type asize, bfd_size_type rsize)
{
- bfd_byte *mem = bfd_malloc (asize);
+ bfd_byte *mem;
+ if (!_bfd_constant_p (rsize))
+ {
+ ufile_ptr filesize = bfd_get_file_size (abfd);
+ if (filesize != 0 && rsize > filesize)
+ {
+ bfd_set_error (bfd_error_file_truncated);
+ return NULL;
+ }
+ }
+ mem = bfd_malloc (asize);
if (mem != NULL)
{
if (bfd_bread (mem, rsize, abfd) == rsize)