aboutsummaryrefslogtreecommitdiff
path: root/binutils/dwarf.c
diff options
context:
space:
mode:
authorAlan Modra <amodra@gmail.com>2021-05-10 09:56:43 +0930
committerAlan Modra <amodra@gmail.com>2021-05-10 10:03:00 +0930
commit2d4b49864eba70606b1bee3d0a3e8414189dcd6d (patch)
treef3a8c3cd72a12ea0b3181a388beea89de5ac7448 /binutils/dwarf.c
parent400f0c9b88c68784f9c516422f293bc4d19d9e5b (diff)
downloadgdb-2d4b49864eba70606b1bee3d0a3e8414189dcd6d.zip
gdb-2d4b49864eba70606b1bee3d0a3e8414189dcd6d.tar.gz
gdb-2d4b49864eba70606b1bee3d0a3e8414189dcd6d.tar.bz2
Avoid possible pointer wrap
PTR supplied to these macros can be read from user input, END is an end of buffer pointer. It's safer to do arithmetic on END than on PTR. * dwarf.c (SAFE_BYTE_GET): Check bounds by subtracting amount from END rather than adding amount to PTR. (SAFE_SIGNED_BYTE_GET, SAFE_BYTE_GET64): Likewise.
Diffstat (limited to 'binutils/dwarf.c')
-rw-r--r--binutils/dwarf.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/binutils/dwarf.c b/binutils/dwarf.c
index d93d923..c584f5b 100644
--- a/binutils/dwarf.c
+++ b/binutils/dwarf.c
@@ -406,7 +406,7 @@ read_leb128 (unsigned char *data,
amount, (int) sizeof (VAL)); \
amount = sizeof (VAL); \
} \
- if (((PTR) + amount) >= (END)) \
+ if ((PTR) >= (END) - amount) \
{ \
if ((PTR) < (END)) \
amount = (END) - (PTR); \
@@ -434,7 +434,7 @@ read_leb128 (unsigned char *data,
do \
{ \
unsigned int amount = (AMOUNT); \
- if (((PTR) + amount) >= (END)) \
+ if ((PTR) >= (END) - amount) \
{ \
if ((PTR) < (END)) \
amount = (END) - (PTR); \
@@ -460,7 +460,7 @@ read_leb128 (unsigned char *data,
#define SAFE_BYTE_GET64(PTR, HIGH, LOW, END) \
do \
{ \
- if (((PTR) + 8) <= (END)) \
+ if ((PTR) <= (END) - 8) \
{ \
byte_get_64 ((PTR), (HIGH), (LOW)); \
} \