authorCary Coutant <ccoutant@google.com>2014-06-09 14:55:02 -0700
committerCary Coutant <ccoutant@google.com>2014-06-09 14:55:02 -0700
commit9baa787b14d9a92067ecb1731407c5abe37d7c3c (patch)
treed4d875ec5c7edc8025a556d34a33cb151323120b /gold
parent8f89af0abe40c9231f42ad3193a45e8fccb35720 (diff)
downloadgdb-9baa787b14d9a92067ecb1731407c5abe37d7c3c.zip
gdb-9baa787b14d9a92067ecb1731407c5abe37d7c3c.tar.gz
gdb-9baa787b14d9a92067ecb1731407c5abe37d7c3c.tar.bz2
Add check to keep from segfaulting on a corrupt .debug_pubnames section.
gold/ * dwarf_reader.cc (Dwarf_pubnames_table::read_header): Check that unit_length is within section bounds.
Diffstat (limited to 'gold')
-rw-r--r--gold/ChangeLog5
-rw-r--r--gold/dwarf_reader.cc6
2 files changed, 11 insertions, 0 deletions
diff --git a/gold/ChangeLog b/gold/ChangeLog
index 59661a0..151fcde 100644
--- a/gold/ChangeLog
+++ b/gold/ChangeLog
@@ -1,5 +1,10 @@
2014-06-09 Cary Coutant <ccoutant@google.com>
+ * dwarf_reader.cc (Dwarf_pubnames_table::read_header): Check that
+ unit_length is within section bounds.
+
+2014-06-09 Cary Coutant <ccoutant@google.com>
+
PR gold/16980
* layout.cc (Layout::print_to_mapfile): Print unattached sections in
map.
diff --git a/gold/dwarf_reader.cc b/gold/dwarf_reader.cc
index df14bd5..30aea10 100644
--- a/gold/dwarf_reader.cc
+++ b/gold/dwarf_reader.cc
@@ -580,6 +580,12 @@ Dwarf_pubnames_table::read_header(off_t offset)
}
this->end_of_table_ = pinfo + unit_length;
+ // If unit_length is too big, maybe we should reject the whole table,
+ // but in cases we know about, it seems OK to assume that the table
+ // is valid through the actual end of the section.
+ if (this->end_of_table_ > this->buffer_end_)
+ this->end_of_table_ = this->buffer_end_;
+
// Check the version.
unsigned int version = this->dwinfo_->read_from_pointer<16>(pinfo);
pinfo += 2;
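Review bot: The clamp at `if (this->end_of_table_ > this->buffer_end_)` runs only after `pinfo + unit_length` has been computed, so a large enough unit_length from a corrupt section can form a pointer past the buffer (undefined behaviour) or wrap it below buffer_end_, and then the check does not fire. Comparing the length with the bytes remaining avoids forming the out-of-range pointer: `this->end_of_table_ = (unit_length > static_cast<uint64_t>(this->buffer_end_ - pinfo)) ? this->buffer_end_ : pinfo + unit_length;` (adjust the cast to unit_length's declared type, which is outside the hunk). The 2-byte version read that follows is not visibly checked against the clamped end either, so a table truncated just after the length field may still be read past the section unless an earlier check outside the hunk covers it. read_header starts and ends outside the hunk.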