diff options
author | Nick Clifton <nickc@redhat.com> | 2019-06-28 13:30:00 +0100 |
---|---|---|
committer | Nick Clifton <nickc@redhat.com> | 2019-06-28 13:30:00 +0100 |
commit | 781152ec18f56726c750cc0812a740396e4ec820 (patch) | |
tree | cbab84833a47375ba9d352fedabffd777212cc45 /binutils/objdump.c | |
parent | 999d6dff80fab12d22c2a8d91923db6bde7fb3e5 (diff) | |
download | gdb-781152ec18f56726c750cc0812a740396e4ec820.zip gdb-781152ec18f56726c750cc0812a740396e4ec820.tar.gz gdb-781152ec18f56726c750cc0812a740396e4ec820.tar.bz2 |
Prevent an attempt to allocate an excessive amount of memory when dumping the symbols in a malformed file.
PR 24707
* objdump.c (slurp_symtab): Fail with a helpful error message if
the symbol table is too large.
Diffstat (limited to 'binutils/objdump.c')
-rw-r--r-- | binutils/objdump.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/binutils/objdump.c b/binutils/objdump.c index 7a4e7e4..32e6f24 100644 --- a/binutils/objdump.c +++ b/binutils/objdump.c @@ -704,7 +704,22 @@ slurp_symtab (bfd *abfd) bfd_fatal (_("error message was")); } if (storage) - sy = (asymbol **) xmalloc (storage); + { + off_t filesize = bfd_get_file_size (abfd); + + /* qv PR 24707. */ + if (filesize > 0 && filesize < storage) + { + bfd_nonfatal_message (bfd_get_filename (abfd), abfd, NULL, + _("error: symbol table size (%#lx) is larger than filesize (%#lx)"), + storage, (long) filesize); + exit_status = 1; + symcount = 0; + return NULL; + } + + sy = (asymbol **) xmalloc (storage); + } symcount = bfd_canonicalize_symtab (abfd, sy); if (symcount < 0) |