OpenE2K/binutils-gdb
12
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix an illegal memory access in the BFD library which can be triggered by an attempt to parse a corrupt PE format file.

Browse Source 
PR26240
	* coffgen.c (coff_get_normalized_symtab): Fix off-by-one error in
	check for aux entries that overflow the buufer.
This commit is contained in:
Nick Clifton 2020-07-15 11:15:16 +01:00
parent d804c486ce
commit 78fede7066
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
bfd/ChangeLog
View File

@ -1,3 +1,9 @@
2020-07-15 Nick Clifton <nickc@redhat.com>
PR26240
* coffgen.c (coff_get_normalized_symtab): Fix off-by-one error in
check for aux entries that overflow the buufer.
2020-07-10 Alan Modra <amodra@gmail.com>
* elf64-ppc.h (struct ppc64_elf_params): Add power10_stubs.

2
bfd/coffgen.c
View File

@ -1814,7 +1814,7 @@ coff_get_normalized_symtab (bfd *abfd)
internal_ptr->is_sym = TRUE;
/* PR 17512: Prevent buffer overrun. */
if (symbol_ptr->u.syment.n_numaux > (raw_end - raw_src) / symesz)
if (symbol_ptr->u.syment.n_numaux > ((raw_end - 1) - raw_src) / symesz)
{
bfd_release (abfd, internal);
return NULL;