diff options
Diffstat (limited to 'bfd/versados.c')
-rw-r--r-- | bfd/versados.c | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/bfd/versados.c b/bfd/versados.c index 95f5f53..2540314 100644 --- a/bfd/versados.c +++ b/bfd/versados.c @@ -57,6 +57,7 @@ struct esdid { asection *section; /* Ptr to bfd version. */ unsigned char *contents; /* Used to build image. */ + bfd_size_type content_size; /* The size of the contents buffer. */ int pc; int relocs; /* Reloc count, valid end of pass 1. */ int donerel; /* Have relocs been translated. */ @@ -406,7 +407,7 @@ process_otr (bfd *abfd, struct ext_otr *otr, int pass) if (pass == 1) need_contents = TRUE; - else if (contents && dst_idx < esdid->section->size - sizeinwords * 2) + else if (contents && dst_idx < esdid->content_size - sizeinwords * 2) for (j = 0; j < sizeinwords * 2; j++) { contents[dst_idx + (sizeinwords * 2) - j - 1] = val; @@ -449,7 +450,7 @@ process_otr (bfd *abfd, struct ext_otr *otr, int pass) { need_contents = TRUE; - if (esdid->section && contents && dst_idx < esdid->section->size) + if (esdid->section && contents && dst_idx < esdid->content_size - 1) if (pass == 2) { /* Absolute code, comes in 16 bit lumps. */ @@ -472,6 +473,7 @@ process_otr (bfd *abfd, struct ext_otr *otr, int pass) size = esdid->section->size; esdid->contents = bfd_alloc (abfd, size); + esdid->content_size = size; } else esdid->contents = NULL; @@ -686,12 +688,20 @@ versados_get_section_contents (bfd *abfd, file_ptr offset, bfd_size_type count) { + struct esdid *esdid; + if (!versados_pass_2 (abfd)) return FALSE; - memcpy (location, - EDATA (abfd, section->target_index).contents + offset, - (size_t) count); + esdid = &EDATA (abfd, section->target_index); + + if (esdid->contents == NULL + || offset < 0 + || (bfd_size_type) offset > esdid->content_size + || offset + count > esdid->content_size) + return FALSE; + + memcpy (location, esdid->contents + offset, (size_t) count); return TRUE; } |