diff options
| author | Nick Clifton <nickc@redhat.com> | 2014-03-19 16:48:02 +0000 |
|---|---|---|
| committer | Nick Clifton <nickc@redhat.com> | 2014-03-19 16:48:02 +0000 |
| commit | c24cf8b6e831967c353f0c518e180cea689c0b58 (patch) | |
| tree | 62349e2dfa25c2a135570cee69bcd1a8b7207977 /binutils | |
| parent | ec92c392f7d6b4f43d6191a0d3fa1cd47db9f738 (diff) | |
| download | gdb-c24cf8b6e831967c353f0c518e180cea689c0b58.zip gdb-c24cf8b6e831967c353f0c518e180cea689c0b58.tar.gz gdb-c24cf8b6e831967c353f0c518e180cea689c0b58.tar.bz2 | |
This is a fix for PR binutils/16723, where a corrupt .gnu.version_r section could
send readelf into an infinite loop.
* readelf.c (process_version_sections): Prevent an infinite loop
when the vn_next field is zero but there are still entries to be
processed.
Diffstat (limited to 'binutils')
| -rw-r--r-- | binutils/ChangeLog | 7 | ||||
| -rw-r--r-- | binutils/readelf.c | 6 |
2 files changed, 13 insertions, 0 deletions
diff --git a/binutils/ChangeLog b/binutils/ChangeLog index 2a65f47..03a1e18 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog @@ -1,3 +1,10 @@ +2014-03-19 Nick Clifton <nickc@redhat.com> + + PR binutils/16723 + * readelf.c (process_version_sections): Prevent an infinite loop + when the vn_next field is zero but there are still entries to be + processed. + 2014-03-17 Tristan Gingold <gingold@adacore.com> * od-macho.c (dump_section_header): Renames of dump_section. diff --git a/binutils/readelf.c b/binutils/readelf.c index 27682b2..79137e3 100644 --- a/binutils/readelf.c +++ b/binutils/readelf.c @@ -8971,6 +8971,12 @@ process_version_sections (FILE * file) if (j < ent.vn_cnt) warn (_("Missing Version Needs auxillary information\n")); + if (ent.vn_next == 0 && cnt < section->sh_info) + { + warn (_("Corrupt Version Needs structure - offset to next structure is zero with entries still left to be processed\n")); + cnt = section->sh_info; + break; + } idx += ent.vn_next; } |