diff options
author | Alan Modra <amodra@gmail.com> | 2007-07-26 12:34:43 +0000 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2007-07-26 12:34:43 +0000 |
commit | e62071b60e0a89780a5b3a153365805346b38614 (patch) | |
tree | ad66168f0786a49eaa37d51dc4c39a3c09439952 /bfd/srec.c | |
parent | b9da616afe44eb7d00a669dad47bc6860e9b23d3 (diff) | |
download | gdb-e62071b60e0a89780a5b3a153365805346b38614.zip gdb-e62071b60e0a89780a5b3a153365805346b38614.tar.gz gdb-e62071b60e0a89780a5b3a153365805346b38614.tar.bz2 |
* srec.c (srec_get_section_contents): Return immediately on
count zero. Check that offset and count are within section.
* libbfd.c (_bfd_generic_get_section_contents): Check that
offset + count does not overflow.
Diffstat (limited to 'bfd/srec.c')
-rw-r--r-- | bfd/srec.c | 12 |
1 files changed, 11 insertions, 1 deletions
@@ -781,10 +781,20 @@ srec_get_section_contents (bfd *abfd, file_ptr offset, bfd_size_type count) { + if (count == 0) + return TRUE; + + if (offset + count < count + || offset + count > section->size) + { + bfd_set_error (bfd_error_invalid_operation); + return FALSE; + } + if (section->used_by_bfd == NULL) { section->used_by_bfd = bfd_alloc (abfd, section->size); - if (section->used_by_bfd == NULL && section->size != 0) + if (section->used_by_bfd == NULL) return FALSE; if (! srec_read_section (abfd, section, section->used_by_bfd)) |