f53b235000
Fix another seg-fault parsing corrupt DWARF information. (#1573367) Fix a seg-fault copying a corrupt ELF file. (#1551788) Fix a seg-fault parsing a large ELF files on a 32-bit host. (#1539891) Fix a seg-fault running nm on a corrupt ELF file. (#15343247) Fix a seg-fault running nm on a file containing corrupt DWARF information. (#1551781) Fix another seg-fault running nm on a file containing corrupt DWARF information. (#1551763)
23 lines
719 B
Diff
23 lines
719 B
Diff
--- binutils.orig/binutils/dwarf.c 2018-05-01 11:42:02.656431736 +0100
|
|
+++ binutils-2.30/binutils/dwarf.c 2018-05-01 11:43:24.210383020 +0100
|
|
@@ -9244,7 +9244,18 @@ process_cu_tu_index (struct dwarf_sectio
|
|
}
|
|
|
|
if (!do_display)
|
|
- memcpy (&this_set[row - 1].signature, ph, sizeof (uint64_t));
|
|
+ {
|
|
+ size_t num_copy = sizeof (uint64_t);
|
|
+
|
|
+ /* PR 23064: Beware of buffer overflow. */
|
|
+ if (ph + num_copy < limit)
|
|
+ memcpy (&this_set[row - 1].signature, ph, num_copy);
|
|
+ else
|
|
+ {
|
|
+ warn (_("Signature (%p) extends beyond end of space in section\n"), ph);
|
|
+ return 0;
|
|
+ }
|
|
+ }
|
|
|
|
prow = poffsets + (row - 1) * ncols * 4;
|
|
/* PR 17531: file: b8ce60a8. */
|