Fix seg-fault in linker when passed a bogus input script.

PR ld/20906 * ldlex.l: Check for bogus strings in linker scripts.
2016-12-05 16:00:43 +00:00 · 2016-12-05 16:00:43 +00:00 · 406bd128db
commit 406bd128db
parent 9b5481c63a
2 changed files with 13 additions and 2 deletions
--- a/ld/ChangeLog
+++ b/ld/ChangeLog
@ -1,3 +1,8 @@
+2016-12-05  Nick Clifton  <nickc@redhat.com>
+
+	PR ld/20906
+	* ldlex.l: Check for bogus strings in linker scripts.
+
 2016-12-05  Alyssa Milburn <amilburn@zall.org>

 	* testsuite/ld-sparc/wdispcall.s: New file.
--- a/ld/ldlex.l
+++ b/ld/ldlex.l
@ -415,9 +415,15 @@ V_IDENTIFIER [*?.$_a-zA-Z\[\]\-\!\^\\]([*?.$_a-zA-Z0-9\[\]\-\!\^\\]|::)*

 <EXPRESSION,BOTH,SCRIPT,VERS_NODE,INPUTLIST>"\""[^\"]*"\"" {
 					/* No matter the state, quotes
-					   give what's inside */
+					   give what's inside.  */
+					bfd_size_type len;
 					yylval.name = xstrdup (yytext + 1);
-					yylval.name[yyleng - 2] = 0;
+					/* PR ld/20906.  A corrupt input file
+					   can contain bogus strings.  */
+					len = strlen (yylval.name);
+					if (len > yyleng - 2)
+					  len = yyleng - 2;
+					yylval.name[len] = 0;
 					return NAME;
 				}
 <BOTH,SCRIPT,EXPRESSION>"\n"		{ lineno++;}