-rw-r--r-- | bfd/ChangeLog | 6 | ||||
-rw-r--r-- | bfd/elflink.c | 6 |
2 files changed, 10 insertions, 2 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index a072ade..b1011b1 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2019-03-15 Alan Modra <amodra@gmail.com>
+
+ PR 24336
+ * elflink.c (elf_link_read_relocs_from_section): Handle fuzzed
+ object files with sh_size not a multiple of sh_entsize.
+
 2019-03-15 H.J. Lu <hongjiu.lu@intel.com>
 PR ld/24338
diff --git a/bfd/elflink.c b/bfd/elflink.c
index 3413726..2600c39 100644
--- a/bfd/elflink.c
+++ b/bfd/elflink.c
@@ -2523,9 +2523,11 @@ elf_link_read_relocs_from_section (bfd *abfd,
 }
 erela = (const bfd_byte *) external_relocs;
- erelaend = erela + shdr->sh_size;
+ /* Setting erelaend like this and comparing with <= handles case of
+ a fuzzed object with sh_size not a multiple of sh_entsize. */
+ erelaend = erela + shdr->sh_size - shdr->sh_entsize;
 irela = internal_relocs;
- while (erela < erelaend)
+ while (erela <= erelaend)
 {
 bfd_vma r_symndx; |
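Review bot: When `shdr->sh_size` is smaller than `shdr->sh_entsize`, the new `erelaend = erela + shdr->sh_size - shdr->sh_entsize;` forms a pointer before the start of `external_relocs`. That is undefined pointer arithmetic, and the `<=` comparison then depends on how that out-of-range pointer happens to order against `erela`. Nothing visible in the hunk establishes `sh_size >= sh_entsize` for a fuzzed section header, and elf_link_read_relocs_from_section starts above the hunk and continues below it, so an earlier guard may exist and should be confirmed. If there is none, keep `erelaend = erela + shdr->sh_size;` and bound the loop by the bytes remaining: `while ((bfd_size_type) (erelaend - erela) >= shdr->sh_entsize)`. That still skips a trailing partial entry and never leaves the buffer.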