author | Nick Clifton <nickc@redhat.com> | 2023-03-14 13:15:12 +0000 |
---|---|---|
committer | Nick Clifton <nickc@redhat.com> | 2023-03-14 13:15:12 +0000 |
commit | 97b75c421f74e4708f9a351641b99be3d4848913 (patch) | |
tree | b3354aa711fbe569ee4e3cd0490ef5eec63e6c9b /binutils | |
parent | ff581559f9d6586d1d05c5a25d777c78edab3517 (diff) | |
Prevent an over large memory allocation in readelf when parsing a corrupt DWARF file.
PR 30227
* dwarf.c (process_cu_tu_index): Prevent excessive memory allocation when nused is large and ncols is zero.
Diffstat (limited to 'binutils')
-rw-r--r-- | binutils/ChangeLog | 6 |
-rw-r--r-- | binutils/dwarf.c | 3 |
2 files changed, 9 insertions, 0 deletions
diff --git a/binutils/ChangeLog b/binutils/ChangeLog index 94099d7..10718ab 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog @@ -1,3 +1,9 @@ +2023-03-14 Nick Clifton <nickc@redhat.com> + + PR 30227 + * dwarf.c (process_cu_tu_index): Prevent excessive memory + allocation when nused is large and ncols is zero. + 2023-02-09 Tom Tromey <tromey@adacore.com> * dwarf-mode.el: Bump version to 1.8. diff --git a/binutils/dwarf.c b/binutils/dwarf.c index a4799f0..89b0b80 100644 --- a/binutils/dwarf.c +++ b/binutils/dwarf.c @@ -10912,6 +10912,9 @@ process_cu_tu_index (struct dwarf_section *section, int do_display) if (nused == -1u || _mul_overflow ((size_t) ncols, 4, &temp) || _mul_overflow ((size_t) nused + 1, temp, &total) + || total > (size_t) (limit - ppool) + /* PR 30227: ncols could be 0. */ + || _mul_overflow ((size_t) nused + 1, 4, &total) || total > (size_t) (limit - ppool)) { warn (_("Section %s too small for offset and size tables\n"), |
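Review bot: the added `_mul_overflow ((size_t) nused + 1, 4, &total)` in the `process_cu_tu_index` condition writes into the same `total` that the preceding line computed as `(nused + 1) * ncols * 4`, so when the whole condition is false `total` is left holding `(nused + 1) * 4` instead. If anything after this check reads `total`, it now sees a different value; a separate temporary for the new bound would avoid that. The comment `/* PR 30227: ncols could be 0. */` would also help more if it said why the extra test is needed: with `ncols` zero, `temp` and the first `total` are both zero, so the existing `total > (size_t) (limit - ppool)` test passes for any `nused`, and the new test is what bounds `nused` against the bytes left in the section.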