binutils/binutils-CVE-2019-17451.patch
Nick Clifton 2ea649d73a Fix a potential seg-fault in the BFD library when parsing pathalogical debug_info sections. (#1771669)
Fix a potential memory exhaustion in the BFD library when parsing corrupt DWARF debug information.  (#1771678)
2019-11-13 12:11:41 +00:00

21 lines
789 B
Diff

--- binutils.orig/bfd/dwarf2.c 2019-11-13 11:32:09.395430104 +0000
+++ binutils-2.33.1/bfd/dwarf2.c 2019-11-13 11:33:17.272899503 +0000
@@ -4440,7 +4440,16 @@ _bfd_dwarf2_slurp_debug_info (bfd *abfd,
for (total_size = 0;
msec;
msec = find_debug_info (debug_bfd, debug_sections, msec))
- total_size += msec->size;
+ {
+ /* Catch PR25070 testcase overflowing size calculation here. */
+ if (total_size + msec->size < total_size
+ || total_size + msec->size < msec->size)
+ {
+ bfd_set_error (bfd_error_no_memory);
+ return FALSE;
+ }
+ total_size += msec->size;
+ }
stash->info_ptr_memory = (bfd_byte *) bfd_malloc (total_size);
if (stash->info_ptr_memory == NULL)