diff options
| -rw-r--r-- | bfd/ChangeLog | 5 | ||||
| -rw-r--r-- | bfd/elf-attrs.c | 6 |
2 files changed, 8 insertions, 3 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index fd9721e..7857b70 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,8 @@ +2021-06-02 Alan Modra <amodra@gmail.com> + + * elf-attrs.c (_bfd_elf_parse_attributes): Break out of loop if + subsection length is too small to cover tag and length field. + 2021-05-31 Nelson Chu <nelson.chu@sifive.com> Lifang Xia <lifang_xia@c-sky.com> diff --git a/bfd/elf-attrs.c b/bfd/elf-attrs.c index 11a81a3..72c606d 100644 --- a/bfd/elf-attrs.c +++ b/bfd/elf-attrs.c @@ -548,15 +548,15 @@ _bfd_elf_parse_attributes (bfd *abfd, Elf_Internal_Shdr * hdr) } else { - subsection_len = 0; p = p_end; + break; } - if (subsection_len == 0) - break; if (subsection_len > section_len) subsection_len = section_len; section_len -= subsection_len; end = orig_p + subsection_len; + if (end < p) + break; switch (tag) { case Tag_File: |