FreeChainXenon/binutils-gdb
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add checks for memory access violations exposed by fuzzed archives.

Browse source 
PR binutils/17531
	* dwarf.c (process_cu_tu_index): Check for an out of range row
	index.
	* elfcomm.c (adjust_relative_path): Change name_len parameter to
	an unsigned long.  Check for path length overflow.
	(process_archive_index_and_symbols): Check for invalid header
	size.
	(setup_archive): Add checks for invalid archives.
	(get_archive_member_name): Add range checks.
	* elfcomm.h (adjust_relative_path): Update prototyoe.
	* readelf.c (process_archive): Add range checks.
This commit is contained in:
Nick Clifton 2014-12-01 11:19:39 +00:00
parent 9e8cd6df3c
commit 591f7597d4
5 changed files with 79 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

8
binutils/dwarf.c
View file

@ -6796,6 +6796,14 @@ process_cu_tu_index (struct dwarf_section *section, int do_display)
SAFE_BYTE_GET (row, pi, 4, limit);
if (row != 0)
{
/* PR 17531: file: a05f6ab3. */
if (row >= nused)
{
warn (_("Row index (%u) is larger than number of used entries (%u)\n"),
row, nused);
return 0;
}
if (!do_display)
memcpy (&this_set[row - 1].signature, ph, sizeof (uint64_t));