diff options
| author | Nick Clifton <nickc@redhat.com> | 2018-04-24 16:57:04 +0100 |
|---|---|---|
| committer | Nick Clifton <nickc@redhat.com> | 2018-04-24 16:57:04 +0100 |
| commit | db0c309f4011ca94a4abc8458e27f3734dab92ac (patch) | |
| tree | 70aa7ddc6d5a4e58cda7506d59f5e0d600b10808 /bfd | |
| parent | aa4a8c2a2a67545e90c877162c53cc9de42dc8b4 (diff) | |
| download | gdb-db0c309f4011ca94a4abc8458e27f3734dab92ac.zip gdb-db0c309f4011ca94a4abc8458e27f3734dab92ac.tar.gz gdb-db0c309f4011ca94a4abc8458e27f3734dab92ac.tar.bz2 | |
Fix an illegal memory access when trying to copy an ELF binary with corrupt section symbols.
PR 23113
* elf.c (ignore_section_sym): Check for the output_section pointer
being NULL before dereferencing it.
Diffstat (limited to 'bfd')
| -rw-r--r-- | bfd/ChangeLog | 4 | ||||
| -rw-r--r-- | bfd/elf.c | 9 |
2 files changed, 12 insertions, 1 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 32cd893..edd822f 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,5 +1,9 @@ 2018-04-24 Nick Clifton <nickc@redhat.com> + PR 23113 + * elf.c (ignore_section_sym): Check for the output_section pointer + being NULL before dereferencing it. + PR 23110 * peXXigen.c (_bfd_XX_bfd_copy_private_bfd_data_common): Check for a negative PE_DEBUG_DATA size before iterating over the debug data. @@ -4022,15 +4022,22 @@ ignore_section_sym (bfd *abfd, asymbol *sym) { elf_symbol_type *type_ptr; + if (sym == NULL) + return FALSE; + if ((sym->flags & BSF_SECTION_SYM) == 0) return FALSE; + if (sym->section == NULL) + return TRUE; + type_ptr = elf_symbol_from (abfd, sym); return ((type_ptr != NULL && type_ptr->internal_elf_sym.st_shndx != 0 && bfd_is_abs_section (sym->section)) || !(sym->section->owner == abfd - || (sym->section->output_section->owner == abfd + || (sym->section->output_section != NULL + && sym->section->output_section->owner == abfd && sym->section->output_offset == 0) || bfd_is_abs_section (sym->section))); } |