diff options
| author | Alan Modra <amodra@gmail.com> | 2024-06-07 08:27:31 +0930 |
|---|---|---|
| committer | Alan Modra <amodra@gmail.com> | 2024-06-07 20:35:12 +0930 |
| commit | d89cd643c521878572f509093287b5ba229e0fa2 (patch) | |
| tree | f70e6bd92fe74f738d0babe893476c9cf82aadb7 /bfd | |
| parent | b284a87b49c9546445469fd4fa7c61bb782c6bd6 (diff) | |
| download | gdb-d89cd643c521878572f509093287b5ba229e0fa2.zip gdb-d89cd643c521878572f509093287b5ba229e0fa2.tar.gz gdb-d89cd643c521878572f509093287b5ba229e0fa2.tar.bz2 | |
Re: Yet another ecoff fuzzed object fix
In commit 6fc018e9e593 I replaced the fdr_ptr csym check against the
header isymMax count with a check against bfd symcount. In fact, both
checks are needed. The isymMax check sanity checks accesses against
the external sym array, the symcount one against the internal array.
* ecoff.c (_bfd_ecoff_slurp_symbol_table): Reinstate fdr_ptr
csym check against isymMax.
Diffstat (limited to 'bfd')
| -rw-r--r-- | bfd/ecoff.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/bfd/ecoff.c b/bfd/ecoff.c index 533ff19..0450176 100644 --- a/bfd/ecoff.c +++ b/bfd/ecoff.c @@ -966,6 +966,7 @@ _bfd_ecoff_slurp_symbol_table (bfd *abfd) if (fdr_ptr->isymBase < 0 || fdr_ptr->isymBase > symhdr->isymMax || fdr_ptr->csym < 0 + || fdr_ptr->csym > symhdr->isymMax - fdr_ptr->isymBase || fdr_ptr->csym > ((long) bfd_get_symcount (abfd) - (internal_ptr - internal)) || fdr_ptr->issBase < 0 |