author | Nick Clifton <nickc@redhat.com> | 2014-11-03 17:44:00 +0000 |
---|---|---|
committer | Nick Clifton <nickc@redhat.com> | 2014-11-03 17:44:00 +0000 |
commit | 5a3f568b70bdfb91aacdfb66657b56d8c6d242f1 (patch) | |
tree | d11c8695362d773082a427bb3897d598a1ba0998 /bfd/libcoff-in.h | |
parent | ba241f2d5a6f1ac57e746d230892e27a70def4a6 (diff) | |
More fixes for buffer overruns instigated by corrupt binaries.
PR binutils/17512
* objdump.c (slurp_symtab): Fail gracefully if the table could not
be read.
(dump_relocs_in_section): Likewise.
* aoutx.h (slurp_symbol_table): Check that computed table size is
not bigger than the file from which it is being read.
(slurp_reloc_table): Likewise.
* coffcode.h (coff_slurp_line_table): Remove unneeded local
'warned'. Do not try to print the details of a symbol with an
invalid index.
* coffgen.c (make_a_section_from_file): Check computed string
index against length of string table.
(bfd_coff_internal_syment_name): Check read in string offset
against length of string table.
(build_debug_section): Return a pointer to the section used.
(_bfd_coff_read_string_table): Store the length of the string
table in the coff_tdata structure.
(bfd_coff_free_symbols): Set the length of the string table to
zero when it is freed.
(coff_get_normalized_symtab): Check offsets against string table
or data table lengths as appropriate.
* cofflink.c (_bfd_coff_link_input_bfd): Check offset against
length of string table.
* compress.c (bfd_get_full_section_contents): Check computed size
against the size of the file.
* libcoff-in.h (obj_coff_strings_len): Define.
(struct coff_tdata): Add strings_len field.
* libcoff.h: Regenerate.
* peXXigen.c (pe_print_debugdata): Do not attempt to print the
data if the debug section is too small.
* xcofflink.c (xcoff_link_input_bfd): Check offset against
length of string table.
Diffstat (limited to 'bfd/libcoff-in.h')
-rw-r--r-- | bfd/libcoff-in.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/bfd/libcoff-in.h b/bfd/libcoff-in.h index 6162f2e..6b6eb28 100644 --- a/bfd/libcoff-in.h +++ b/bfd/libcoff-in.h @@ -35,6 +35,7 @@ #define obj_coff_external_syms(bfd) (coff_data (bfd)->external_syms) #define obj_coff_keep_syms(bfd) (coff_data (bfd)->keep_syms) #define obj_coff_strings(bfd) (coff_data (bfd)->strings) +#define obj_coff_strings_len(bfd) (coff_data (bfd)->strings_len) #define obj_coff_keep_strings(bfd) (coff_data (bfd)->keep_strings) #define obj_coff_sym_hashes(bfd) (coff_data (bfd)->sym_hashes) #define obj_coff_strings_written(bfd) (coff_data (bfd)->strings_written) @@ -75,6 +76,8 @@ typedef struct coff_tdata /* The string table. May be NULL. Read by _bfd_coff_read_string_table. */ char *strings; + /* The length of the strings table. For error checking. */ + bfd_size_type strings_len; /* If this is TRUE, the strings may not be freed. */ bfd_boolean keep_strings; /* If this is TRUE, the strings have been written out already. */ |
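Review bot: The new obj_coff_strings_len accessor in the first hunk (@@ -35,6 +35,7 @@) sits beside obj_coff_strings with nothing in the header saying the two must be used together. The length only helps if every reader of obj_coff_strings compares its offset against it, and if every site that sets or frees the string pointer also updates the length. The commit message names _bfd_coff_read_string_table and bfd_coff_free_symbols as the places that maintain it; a one-line comment above the macro pointing at those two functions, and stating that an offset must be strictly less than obj_coff_strings_len before it is used as an index, would make the invariant visible to anyone adding a new consumer of the string table.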
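Review bot: The comment on the new strings_len field in the second hunk (@@ -75,6 +76,8 @@) reads "The length of the strings table. For error checking." and leaves out what a caller writing a bounds check needs: the unit (bytes), whether the count covers the whole buffer that strings points to, and what value the field holds while strings is NULL. The neighbouring comment says strings "May be NULL", and the commit message says the length is set to zero when the table is freed, so the field comment could state that directly, for example "Zero when strings is NULL." Minor wording point: the adjacent comment says "The string table", so "strings table" here would read better as "string table".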