diff options
| -rw-r--r-- | bfd/ChangeLog | 7 | ||||
| -rw-r--r-- | bfd/section.c | 6 |
2 files changed, 9 insertions, 4 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index ebe2b58..41da87b 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,10 @@ +2021-02-11 Alan Modra <amodra@gmail.com> + + PR 27291 + * section.c (bfd_get_section_contents): Avoid possible overflow + when range checking offset and count. + (bfd_set_section_contents): Likewise. + 2021-02-03 Nick Alcock <nick.alcock@oracle.com> * configure.ac (SHARED_LIBADD): Remove explicit -lintl population in diff --git a/bfd/section.c b/bfd/section.c index 3e6ba0c..059b6fa 100644 --- a/bfd/section.c +++ b/bfd/section.c @@ -1498,8 +1498,7 @@ bfd_set_section_contents (bfd *abfd, sz = section->size; if ((bfd_size_type) offset > sz - || count > sz - || offset + count > sz + || count > sz - offset || count != (size_t) count) { bfd_set_error (bfd_error_bad_value); @@ -1569,8 +1568,7 @@ bfd_get_section_contents (bfd *abfd, else sz = section->size; if ((bfd_size_type) offset > sz - || count > sz - || offset + count > sz + || count > sz - offset || count != (size_t) count) { bfd_set_error (bfd_error_bad_value); |