From e62071b60e0a89780a5b3a153365805346b38614 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Thu, 26 Jul 2007 12:34:43 +0000
Subject: 	* srec.c (srec_get_section_contents): Return immediately on 
 count zero.  Check that offset and count are within section. 	* libbfd.c
 (_bfd_generic_get_section_contents): Check that 	offset + count does
 not overflow.

---
 bfd/libbfd.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'bfd/libbfd.c')

diff --git a/bfd/libbfd.c b/bfd/libbfd.c
index 33d9c01..bf49a2e 100644
--- a/bfd/libbfd.c
+++ b/bfd/libbfd.c
@@ -820,7 +820,8 @@ _bfd_generic_get_section_contents (bfd *abfd,
     return TRUE;
 
   sz = section->rawsize ? section->rawsize : section->size;
-  if (offset + count > sz)
+  if (offset + count < count
+      || offset + count > sz)
     {
       bfd_set_error (bfd_error_invalid_operation);
       return FALSE;
-- 
cgit v1.1