diff options
| -rw-r--r-- | gold/ChangeLog | 5 | ||||
| -rw-r--r-- | gold/dwarf_reader.cc | 6 |
2 files changed, 11 insertions, 0 deletions
diff --git a/gold/ChangeLog b/gold/ChangeLog index 59661a0..151fcde 100644 --- a/gold/ChangeLog +++ b/gold/ChangeLog @@ -1,5 +1,10 @@ 2014-06-09 Cary Coutant <ccoutant@google.com> + * dwarf_reader.cc (Dwarf_pubnames_table::read_header): Check that + unit_length is within section bounds. + +2014-06-09 Cary Coutant <ccoutant@google.com> + PR gold/16980 * layout.cc (Layout::print_to_mapfile): Print unattached sections in map. diff --git a/gold/dwarf_reader.cc b/gold/dwarf_reader.cc index df14bd5..30aea10 100644 --- a/gold/dwarf_reader.cc +++ b/gold/dwarf_reader.cc @@ -580,6 +580,12 @@ Dwarf_pubnames_table::read_header(off_t offset) } this->end_of_table_ = pinfo + unit_length; + // If unit_length is too big, maybe we should reject the whole table, + // but in cases we know about, it seems OK to assume that the table + // is valid through the actual end of the section. + if (this->end_of_table_ > this->buffer_end_) + this->end_of_table_ = this->buffer_end_; + // Check the version. unsigned int version = this->dwinfo_->read_from_pointer<16>(pinfo); pinfo += 2; |