aboutsummaryrefslogtreecommitdiff
path: root/bfd
diff options
context:
space:
mode:
authorAlan Modra <amodra@gmail.com>2021-08-05 19:22:08 +0930
committerAlan Modra <amodra@gmail.com>2021-08-05 20:47:09 +0930
commitddbe6976d51240c806488beb53b708858d8a3a67 (patch)
treef3b38d242b52a01e7283d37da11ab7f1c3adae6a /bfd
parent6ecfe4abfd14e9c04075435210ca383a1a0191ac (diff)
downloadgdb-ddbe6976d51240c806488beb53b708858d8a3a67.zip
gdb-ddbe6976d51240c806488beb53b708858d8a3a67.tar.gz
gdb-ddbe6976d51240c806488beb53b708858d8a3a67.tar.bz2
PR28167, vms-alpha build_module_list
PR 28167 * vms-alpha.c (build_module_list): Malloc and free section contents. Don't read past end of section.
Diffstat (limited to 'bfd')
-rw-r--r--bfd/vms-alpha.c11
1 files changed, 4 insertions, 7 deletions
diff --git a/bfd/vms-alpha.c b/bfd/vms-alpha.c
index bd49b7a..83a103a 100644
--- a/bfd/vms-alpha.c
+++ b/bfd/vms-alpha.c
@@ -4796,18 +4796,14 @@ build_module_list (bfd *abfd)
bfd_size_type size = bfd_section_size (dmt);
unsigned char *ptr, *end;
- ptr = (unsigned char *) bfd_alloc (abfd, size);
- if (! ptr)
- return NULL;
-
- if (! bfd_get_section_contents (abfd, dmt, ptr, 0, size))
+ if (! bfd_malloc_and_get_section (abfd, dmt, &ptr))
return NULL;
vms_debug2 ((2, "DMT\n"));
end = ptr + size;
- while (ptr < end)
+ while (end - ptr >= DBG_S_C_DMT_HEADER_SIZE)
{
/* Each header declares a module with its start offset and size
of debug info in the DST section, as well as the count of
@@ -4825,7 +4821,7 @@ build_module_list (bfd *abfd)
As a consequence, the actual debug info in the DST section is
shared and can be parsed multiple times; that doesn't seem to
cause problems in practice. */
- while (count-- > 0)
+ while (count-- > 0 && end - ptr >= DBG_S_C_DMT_PSECT_SIZE)
{
int start = bfd_getl32 (ptr + DBG_S_L_DMT_PSECT_START);
int length = bfd_getl32 (ptr + DBG_S_L_DMT_PSECT_LENGTH);
@@ -4842,6 +4838,7 @@ build_module_list (bfd *abfd)
start, length));
}
}
+ free (ptr);
}
else
{