author: Alan Modra <amodra@gmail.com> 2020-02-21 19:22:41 +1030
committer: Alan Modra <amodra@gmail.com> 2020-02-21 22:16:43 +1030
commit: a4425a57c7ad127b30cdfe271c870d5c8ebcfad7
tree: 91eede9d47adea966fe1eaaf57a77b674f9be3c9 /libctf
parent: c7adb09f35ad70cefc75c328f7b5a23b19fb8c74
Fuzzers whining about mach-o support

It's very easy to make bfd/mach-o.c allocate huge amounts of memory
with fuzzed binaries.  This makes it a little harder.
The patch also fixes a number of places where an attempt to detect
overflow of multiplication was done with code like
  if (x * 4 < x)
    /* overflow case */
That of course doesn't work.  There are plenty of values of x that
overflow x * 4 but (x * 4) mod 2^n is greater than x.  For example
with 16-bit types, 0x6000 * 4 = 0x18000 mod 2^16 = 0x8000.

	* mach-o.c (bfd_mach_o_canonicalize_relocs): Fix ineffective
	overflow check.
	(bfd_mach_o_canonicalize_reloc): Likewise.
	(bfd_mach_o_canonicalize_dynamic_reloc): Likewise.  Sanity check
	counts and offsets against file size.
	(bfd_mach_o_build_dysymtab): Fix ineffective overflow check.
	(bfd_mach_o_mangle_sections): Remove unnecessary overflow check.
	(bfd_mach_o_read_symtab_symbols): Sanity check count and offset
	against file size.  Delete symbol table error message.
	(bfd_mach_o_read_dysymtab): Sanity check counts and offsets against
	file size.
	(bfd_mach_o_read_symtab): Likewise.
	(bfd_mach_o_read_command): Pass file size.
	(bfd_mach_o_scan): Sanity check command count against file size.

Diffstat (limited to 'libctf')
0 files changed, 0 insertions, 0 deletions
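
The ineffective check described in the commit message, next to a check that works and a bound of count and offset against file size. This is an added example, not code from the commit or from bfd/mach-o.c; all function names, the 16-bit narrowing and the sample values are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* The ineffective pattern from the commit message, narrowed to 16 bits so
   the message's own numbers apply.  Returns true when it "detects" overflow. */
static bool broken_check_u16(uint16_t x)
{
    uint16_t wrapped = (uint16_t)(x * 4u);   /* (x * 4) mod 2^16 */
    return wrapped < x;
}

/* Working check: compare against the limit before multiplying. */
static bool mul_overflows_u16(uint16_t x, uint16_t elem_size)
{
    return elem_size != 0 && x > UINT16_MAX / elem_size;
}

/* Hypothetical helper (not from mach-o.c): does a table of `count` entries
   of `elem_size` bytes starting at `offset` fit inside a file of
   `file_size` bytes?  Written with division so nothing can wrap. */
static bool table_fits_in_file(uint64_t file_size, uint64_t offset,
                               uint64_t count, uint64_t elem_size)
{
    if (elem_size == 0 || offset > file_size)
        return false;
    return count <= (file_size - offset) / elem_size;
}

int main(void)
{
    /* Constructed sample values; 0x6000 is the one from the commit message. */
    const uint16_t samples[] = { 0x3fff, 0x4000, 0x6000, 0xffff };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("x=0x%04x broken=%d correct=%d\n", (unsigned)samples[i],
               broken_check_u16(samples[i]), mul_overflows_u16(samples[i], 4));
    /* A fuzzed count that wraps count * 4 to 0 in 64 bits is still rejected. */
    printf("fits=%d\n", table_fits_in_file(1024, 0, UINT64_C(1) << 62, 4));
    return 0;
}
```

For 0x6000 the broken check reports no overflow while the division-based check does, which is the case the commit message calls out.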