Check the abbrev offset found in the .debug_info section before using

it.

1 files changed, 12 insertions, 2 deletions

diff --git a/gdb/dwarf2read.c b/gdb/dwarf2read.c
index a754a84..e12953d 100644
--- a/gdb/dwarf2read.c
+++ b/gdb/dwarf2read.c
@@ -147,9 +147,9 @@ static unsigned int dwarf_str_size;
 /* The data in a compilation unit header looks like this.  */
 struct comp_unit_head
   {
-    int length;
+    unsigned int length;
     short version;
-    int abbrev_offset;
+    unsigned int abbrev_offset;
     unsigned char addr_size;
   };
 
@@ -932,6 +932,16 @@ dwarf2_build_psymtabs_hard (objfile, section_offsets, mainline)
 	  error ("Dwarf Error: wrong version in compilation unit header.");
 	  return;
 	}
+      if (cu_header.abbrev_offset >= dwarf_abbrev_size)
+	{
+	  error ("Dwarf Error: bad offset in compilation unit header.");
+	  return;
+	}
+      if (cu_header.length > dwarf_abbrev_size - cu_header.abbrev_offset)
+	{
+	  error ("Dwarf Error:  bad length in compilation unit header.");
+	  return;
+	}
 
       /* Read the abbrevs for this compilation unit into a table */
       dwarf2_read_abbrevs (abfd, cu_header.abbrev_offset);