From 9bff840e8cc560f5096a43609ed3e0d980733fd9 Mon Sep 17 00:00:00 2001
From: Alan Modra
Date: Thu, 11 Apr 2019 19:42:31 +0930
Subject: [PATCH] PR24435, buffer overflow reading dynamic entries

PR 24435
* elflink.c (elf_link_add_object_symbols): Don't read partial dynamic entries from fuzzed objects.
---
 bfd/ChangeLog | 6 ++++++
 bfd/elflink.c | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 022e7c3f08..a3cdfc6505 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2019-04-11 Alan Modra
+
+ PR 24435
+ * elflink.c (elf_link_add_object_symbols): Don't read partial
+ dynamic entries from fuzzed objects.
+
 2019-04-11 Tamar Christina
 PR ld/24302
diff --git a/bfd/elflink.c b/bfd/elflink.c
index c796e27a14..8aae9808a1 100644
--- a/bfd/elflink.c
+++ b/bfd/elflink.c
@@ -4076,7 +4076,7 @@ error_free_dyn:
 shlink = elf_elfsections (abfd)[elfsec]->sh_link;
 for (extdyn = dynbuf;
- extdyn < dynbuf + s->size;
+ extdyn <= dynbuf + s->size - bed->s->sizeof_dyn;
 extdyn += bed->s->sizeof_dyn)
 {
 Elf_Internal_Dyn dyn;
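Review bot: In the bfd/elflink.c hunk, the new bound `dynbuf + s->size - bed->s->sizeof_dyn` forms a pointer below `dynbuf` whenever the section is shorter than one dynamic entry. That is undefined pointer arithmetic, even though in practice the comparison will usually just fail and skip the loop. Comparing the bytes remaining avoids the out-of-range pointer and states the intent directly: `(size_t) (dynbuf + s->size - extdyn) >= bed->s->sizeof_dyn;` (this assumes `dynbuf` and `extdyn` are byte pointers, which the hunk does not show). A short comment such as `/* Stop before a truncated final entry; the section size is taken from the input object.  */` would record why the bound is not simply the section end. The loop body and the rest of elf_link_add_object_symbols lie outside the hunk, so whether `s->size` is checked earlier cannot be confirmed from here.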