From 7c1c1904bedb8f873731651b420a23f573785728 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Wed, 7 Aug 2019 23:37:49 +0930
Subject: Integer overflows in readelf get_data

I noticed the test for overflow of amt = size * nmemb in get_data
wasn't effective.  An obvious example of nmemb = 3 and size = half max
value overflows but doesn't result in amt < nmemb.  This patch fixes
this problem and reports a size truncation or overflow rather than out
of memory in more cases.

	* readelf.c (get_data): Improve overflow checks.
---
 binutils/ChangeLog | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'binutils/ChangeLog')

diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index c5d2d8f..b60ae64 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,7 @@
+2019-08-08  Alan Modra  <amodra@gmail.com>
+
+	* readelf.c (get_data): Improve overflow checks.
+
 2019-08-07  Nick Clifton  <nickc@redhat.com>
 
 	PR 24777
-- 
cgit v1.1