aboutsummaryrefslogtreecommitdiff
path: root/bfd
diff options
context:
space:
mode:
authorNick Clifton <nickc@redhat.com>2019-03-14 17:21:41 +0000
committerNick Clifton <nickc@redhat.com>2019-03-14 17:21:41 +0000
commitd7f848c3b51f01635557ab765f2ba176618e0bf8 (patch)
treefa4b17aa9a406e8b4f69c11981f6337b41cf2c36 /bfd
parent6cc71b820cc70b63711e9d7f584550b56e172b0a (diff)
downloadgdb-d7f848c3b51f01635557ab765f2ba176618e0bf8.zip
gdb-d7f848c3b51f01635557ab765f2ba176618e0bf8.tar.gz
gdb-d7f848c3b51f01635557ab765f2ba176618e0bf8.tar.bz2
Fix a buffer overrun error when attempting to parse corrupt DWARF information.
PR 24334 * dwarf2.c (struct dwarf2_debug): Add sec_vma_count field. (save_section_vma): Initialise field to the number of entries in the sec_vma table. (section_vma_same): Check that the number of entries in the sec_vma table matches the number of sections in the bfd.
Diffstat (limited to 'bfd')
-rw-r--r--bfd/ChangeLog9
-rw-r--r--bfd/dwarf2.c9
2 files changed, 18 insertions, 0 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 7ed3929..1e2681e 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,5 +1,14 @@
2019-03-14 Nick Clifton <nickc@redhat.com>
+ PR 24334
+ * dwarf2.c (struct dwarf2_debug): Add sec_vma_count field.
+ (save_section_vma): Initialise field to the number of entries in
+ the sec_vma table.
+ (section_vma_same): Check that the number of entries in the
+ sec_vma table matches the number of sections in the bfd.
+
+2019-03-14 Nick Clifton <nickc@redhat.com>
+
PR 24333
* elflink.c (_bfd_elf_add_default_symbol): Add a check for a NULL
section owner pointer when adding the default symbol.
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
index 56557bb..e3c6d6d 100644
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -169,6 +169,8 @@ struct dwarf2_debug
/* Section VMAs at the time the stash was built. */
bfd_vma *sec_vma;
+ /* Number of sections in the SEC_VMA table. */
+ unsigned int sec_vma_count;
/* Number of sections whose VMA we must adjust. */
int adjusted_section_count;
@@ -4269,6 +4271,7 @@ save_section_vma (const bfd *abfd, struct dwarf2_debug *stash)
stash->sec_vma = bfd_malloc (sizeof (*stash->sec_vma) * abfd->section_count);
if (stash->sec_vma == NULL)
return FALSE;
+ stash->sec_vma_count = abfd->section_count;
for (i = 0, s = abfd->sections; i < abfd->section_count; i++, s = s->next)
{
if (s->output_section != NULL)
@@ -4292,6 +4295,12 @@ section_vma_same (const bfd *abfd, const struct dwarf2_debug *stash)
asection *s;
unsigned int i;
+ /* PR 24334: If the number of sections in ABFD has changed between
+ when the stash was created and now, then we cannot trust the
+ stashed vma information. */
+ if (abfd->section_count != stash->sec_vma_count)
+ return FALSE;
+
for (i = 0, s = abfd->sections; i < abfd->section_count; i++, s = s->next)
{
bfd_vma vma;