PR binutils/13482

* readelf.c (process_corefile_note_segment): Fix off-by-one errors
	verifying the contents of a note.

	* binutils-all/version.s: New test source file.
	* binutils-all/readelf.n: New file: expected readelf output.
	* binutils-all/readelf.exp: Add test of .note section contents.

binutils/ChangeLog

@@ -1,3 +1,9 @@
+2012-02-01  Nick Clifton  <nickc@redhat.com>
+
+	PR binutils/13482
+	* readelf.c (process_corefile_note_segment): Fix off-by-one errors
+	verifying the contents of a note.
+
 2012-01-26  Nick Clifton  <nickc@redhat.com>
 
 	PR binutils/13622

binutils/readelf.c

@@ -1,6 +1,6 @@
 /* readelf.c -- display contents of an ELF format file
    Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007,
-   2008, 2009, 2010, 2011
+   2008, 2009, 2010, 2011, 2012
    Free Software Foundation, Inc.
 
    Originally developed by Eric Youngdale <eric@andante.jic.com>
@@ -12994,7 +12994,7 @@ process_corefile_note_segment (FILE * file, bfd_vma offset, bfd_vma length)
       external = next;
 
       /* Prevent out-of-bounds indexing.  */
-      if (inote.namedata + inote.namesz >= (char *) pnotes + length
+      if (inote.namedata + inote.namesz > (char *) pnotes + length
 	  || inote.namedata + inote.namesz < inote.namedata)
         {
           warn (_("corrupt note found at offset %lx into core notes\n"),
@@ -13008,7 +13008,7 @@ process_corefile_note_segment (FILE * file, bfd_vma offset, bfd_vma length)
 	 one version of Linux (RedHat 6.0) generates corefiles that don't
 	 comply with the ELF spec by failing to include the null byte in
 	 namesz.  */
-      if (inote.namedata[inote.namesz] != '\0')
+      if (inote.namedata[inote.namesz - 1] != '\0')
 	{
 	  temp = (char *) malloc (inote.namesz + 1);
 

binutils/testsuite/ChangeLog

@@ -1,3 +1,9 @@
+2012-02-01  Nick Clifton  <nickc@redhat.com>
+
+	PR binutils/13482
+	* binutils-all/version.s: New test source file.
+	* binutils-all/readelf.n: New file: expected readelf output.
+	* binutils-all/readelf.exp: Add test of .note section contents.
 
 For older changes see ChangeLog-0411
 

binutils/testsuite/binutils-all/readelf.exp

@@ -1,4 +1,4 @@
-#   Copyright 1999, 2000, 2001, 2003, 2004, 2007, 2009
+#   Copyright 1999, 2000, 2001, 2003, 2004, 2007, 2009, 2012
 #   Free Software Foundation, Inc.
 
 # This program is free software; you can redistribute it and/or modify
@@ -337,3 +337,18 @@ readelf_wi_test
 readelf_compressed_wa_test
 
 readelf_dump_test
+
+# PR 13482 - Check for off-by-one errors when dumping .note sections.
+if {![binutils_assemble $srcdir/$subdir/version.s tmpdir/version.o]} then {
+    perror "could not assemble version note test file"
+    unresolved "readelf - failed to assemble"
+    return
+}
+
+if ![is_remote host] {
+    set tempfile tmpdir/version.o
+} else {
+    set tempfile [remote_download host tmpdir/version.o]
+}
+
+readelf_test -n $tempfile readelf.n  {}