Fix heap-buffer address violation when reading version data from a corrupt binary.
PR binutils/21437 * readelf.c (process_version_sections): Check for underflow when computing the start address of the auxillary version data.
This commit is contained in:
parent
d949ff5607
commit
4e3afec278
|
@ -1,3 +1,9 @@
|
|||
2017-04-28 Nick Clifton <nickc@redhat.com>
|
||||
|
||||
PR binutils/21437
|
||||
* readelf.c (process_version_sections): Check for underflow when
|
||||
computing the start address of the auxillary version data.
|
||||
|
||||
2017-04-28 Nick Clifton <nickc@redhat.com>
|
||||
|
||||
PR binutils/21438
|
||||
|
|
|
@ -10178,8 +10178,9 @@ process_version_sections (FILE * file)
|
|||
printf (_(" Index: %d Cnt: %d "),
|
||||
ent.vd_ndx, ent.vd_cnt);
|
||||
|
||||
/* Check for overflow. */
|
||||
if (ent.vd_aux + sizeof (* eaux) > (size_t) (endbuf - vstart))
|
||||
/* Check for overflow and underflow. */
|
||||
if (ent.vd_aux + sizeof (* eaux) > (size_t) (endbuf - vstart)
|
||||
|| (vstart + ent.vd_aux < vstart))
|
||||
break;
|
||||
|
||||
vstart += ent.vd_aux;
|
||||
|
|
Loading…
Reference in New Issue