aboutsummaryrefslogtreecommitdiff
path: root/bfd/section.c
diff options
context:
space:
mode:
authorAlan Modra <amodra@gmail.com>2021-02-11 09:53:17 +1030
committerAlan Modra <amodra@gmail.com>2021-02-11 11:58:19 +1030
commit6db658c517bdfbf8e5b8c5a34caf3ff1eea332f1 (patch)
treec4033214b990c8c2cc35baf32de1e1c1bba9d4d2 /bfd/section.c
parent160fe1933736c123e15199080874fcab8b9ecc65 (diff)
downloadgdb-6db658c517bdfbf8e5b8c5a34caf3ff1eea332f1.zip
gdb-6db658c517bdfbf8e5b8c5a34caf3ff1eea332f1.tar.gz
gdb-6db658c517bdfbf8e5b8c5a34caf3ff1eea332f1.tar.bz2
PR27291, integer overflow in bfd_get_section_contents
Makes the code a little more elegant too. Note that the unsigned overflow reported here is well defined so this patch doesn't fix any real problem. PR 27291 * section.c (bfd_get_section_contents): Avoid possible overflow when range checking offset and count. (bfd_set_section_contents): Likewise.
Diffstat (limited to 'bfd/section.c')
-rw-r--r--bfd/section.c6
1 files changed, 2 insertions, 4 deletions
diff --git a/bfd/section.c b/bfd/section.c
index 3e6ba0c..059b6fa 100644
--- a/bfd/section.c
+++ b/bfd/section.c
@@ -1498,8 +1498,7 @@ bfd_set_section_contents (bfd *abfd,
sz = section->size;
if ((bfd_size_type) offset > sz
- || count > sz
- || offset + count > sz
+ || count > sz - offset
|| count != (size_t) count)
{
bfd_set_error (bfd_error_bad_value);
@@ -1569,8 +1568,7 @@ bfd_get_section_contents (bfd *abfd,
else
sz = section->size;
if ((bfd_size_type) offset > sz
- || count > sz
- || offset + count > sz
+ || count > sz - offset
|| count != (size_t) count)
{
bfd_set_error (bfd_error_bad_value);