aboutsummaryrefslogtreecommitdiff
path: root/binutils/readelf.c
diff options
context:
space:
mode:
authorNick Clifton <nickc@redhat.com>2012-02-01 15:44:30 +0000
committerNick Clifton <nickc@redhat.com>2012-02-01 15:44:30 +0000
commit8b971f9fe98d53e92ad7ca36a55c207eda5782aa (patch)
tree460e4f04ea01a8660fd52f9d02ba5192990cbc57 /binutils/readelf.c
parentbc884eba6a28fe7bf907df58f10ccb13989d6c5a (diff)
downloadgdb-8b971f9fe98d53e92ad7ca36a55c207eda5782aa.zip
gdb-8b971f9fe98d53e92ad7ca36a55c207eda5782aa.tar.gz
gdb-8b971f9fe98d53e92ad7ca36a55c207eda5782aa.tar.bz2
PR binutils/13482
* readelf.c (process_corefile_note_segment): Fix off-by-one errors verifying the contents of a note. * binutils-all/version.s: New test source file. * binutils-all/readelf.n: New file: expected readelf output. * binutils-all/readelf.exp: Add test of .note section contents.
Diffstat (limited to 'binutils/readelf.c')
-rw-r--r--binutils/readelf.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/binutils/readelf.c b/binutils/readelf.c
index 861b2c1..3ade53e 100644
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -1,6 +1,6 @@
/* readelf.c -- display contents of an ELF format file
Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
- 2008, 2009, 2010, 2011
+ 2008, 2009, 2010, 2011, 2012
Free Software Foundation, Inc.
Originally developed by Eric Youngdale <eric@andante.jic.com>
@@ -12994,7 +12994,7 @@ process_corefile_note_segment (FILE * file, bfd_vma offset, bfd_vma length)
external = next;
/* Prevent out-of-bounds indexing. */
- if (inote.namedata + inote.namesz >= (char *) pnotes + length
+ if (inote.namedata + inote.namesz > (char *) pnotes + length
|| inote.namedata + inote.namesz < inote.namedata)
{
warn (_("corrupt note found at offset %lx into core notes\n"),
@@ -13008,7 +13008,7 @@ process_corefile_note_segment (FILE * file, bfd_vma offset, bfd_vma length)
one version of Linux (RedHat 6.0) generates corefiles that don't
comply with the ELF spec by failing to include the null byte in
namesz. */
- if (inote.namedata[inote.namesz] != '\0')
+ if (inote.namedata[inote.namesz - 1] != '\0')
{
temp = (char *) malloc (inote.namesz + 1);