diff options
| author | Nick Clifton <nickc@redhat.com> | 2022-05-03 11:40:41 +0100 |
|---|---|---|
| committer | Nick Clifton <nickc@redhat.com> | 2022-05-03 11:41:45 +0100 |
| commit | 46465574a925062ba7dfa72f49ba5199d7a39fc3 (patch) | |
| tree | c076ede8e01796d3fe214ab8c6bd55e1336ca76c /ld | |
| parent | 4bb461e42c556fc9804937f70e3f2fc1534732d2 (diff) | |
| download | gdb-46465574a925062ba7dfa72f49ba5199d7a39fc3.zip gdb-46465574a925062ba7dfa72f49ba5199d7a39fc3.tar.gz gdb-46465574a925062ba7dfa72f49ba5199d7a39fc3.tar.bz2 | |
Fix potential arithmetic overflow in the linker's plugin handling code.
PR 29101
* libdep_plugin.c (get_libdeps): Check for overflow when computing
amount of memory to allocate.
Diffstat (limited to 'ld')
| -rw-r--r-- | ld/ChangeLog | 6 | ||||
| -rw-r--r-- | ld/libdep_plugin.c | 6 |
2 files changed, 11 insertions, 1 deletions
diff --git a/ld/ChangeLog b/ld/ChangeLog index a094af9..7b9fdc8 100644 --- a/ld/ChangeLog +++ b/ld/ChangeLog @@ -1,3 +1,9 @@ +2022-05-03 Nick Clifton <nickc@redhat.com> + + PR 29101 + * libdep_plugin.c (get_libdeps): Check for overflow when computing + amount of memory to allocate. + 2022-04-27 Nick Clifton <nickc@redhat.com> PR 29006 diff --git a/ld/libdep_plugin.c b/ld/libdep_plugin.c index 5569aa4..453df71 100644 --- a/ld/libdep_plugin.c +++ b/ld/libdep_plugin.c @@ -99,6 +99,7 @@ get_libdeps (int fd) arhdr ah; int len; unsigned long mlen; + size_t amt; linerec *lr; enum ld_plugin_status rc = LDPS_NO_SYMS; @@ -114,7 +115,10 @@ get_libdeps (int fd) lseek (fd, mlen, SEEK_CUR); continue; } - lr = malloc (sizeof (linerec) + mlen); + amt = mlen + sizeof (linerec); + if (amt <= mlen) + return LDPS_ERR; + lr = malloc (amt); if (!lr) return LDPS_ERR; lr->next = NULL; |