Fix seg-fault in linker parsing a corrupt input file.

PR ld/20924
	(aout_link_add_symbols): Fix off by one error checking for
	overflow of string offset.
Nick Clifton 2016-12-05 12:25:34 +00:00
parent 39d4daf68e
commit daae68f4f3
2 changed files with 6 additions and 2 deletions


@ -4,6 +4,10 @@
* aoutx.h (aout_link_add_symbols): Replace BFD_ASSERT with return
FALSE.
PR ld/20924
(aout_link_add_symbols): Fix off by one error checking for
overflow of string offset.
2016-12-03 Alan Modra <amodra@gmail.com>
* elf64-ppc.c (struct ppc_link_hash_entry): Delete "was_undefined".


@ -3094,7 +3094,7 @@ aout_link_add_symbols (bfd *abfd, struct bfd_link_info *info)
return FALSE;
++p;
/* PR 19629: Corrupt binaries can contain illegal string offsets. */
if (GET_WORD (abfd, p->e_strx) > obj_aout_external_string_size (abfd))
if (GET_WORD (abfd, p->e_strx) >= obj_aout_external_string_size (abfd))
return FALSE;
string = strings + GET_WORD (abfd, p->e_strx);
section = bfd_ind_section_ptr;
@ -3130,7 +3130,7 @@ aout_link_add_symbols (bfd *abfd, struct bfd_link_info *info)
++p;
string = name;
/* PR 19629: Corrupt binaries can contain illegal string offsets. */
if (GET_WORD (abfd, p->e_strx) > obj_aout_external_string_size (abfd))
if (GET_WORD (abfd, p->e_strx) >= obj_aout_external_string_size (abfd))
return FALSE;
name = strings + GET_WORD (abfd, p->e_strx);
section = bfd_und_section_ptr;
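Review bot: Both corrected checks, the one before `string = strings + GET_WORD (abfd, p->e_strx);` and the one before `name = strings + GET_WORD (abfd, p->e_strx);`, still bail out with a bare `return FALSE;`, so the caller learns the link failed but not that the input was malformed. Adding `bfd_set_error (bfd_error_bad_value);` ahead of each return would make the rejection of a corrupt string offset visible in the linker's diagnostics. The `>=` test only proves the string starts inside the table; reading it stays in bounds only if the table's final byte is guaranteed to be NUL, which is not visible in these hunks and should be confirmed where the table is loaded. Reading the offset once into a local and using it for both the check and the pointer arithmetic would keep the two from drifting apart. The body of aout_link_add_symbols extends outside both hunks.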