XCOFF uninitialized read
* coff-rs6000.c (_bfd_xcoff_slurp_armap): Ensure size is large enough to read number of symbols.
This commit is contained in:
Alan Modra
parent
340f3ac808
commit
67338173a4
2 changed files with 9 additions and 4 deletions
|
|
@ -1,3 +1,8 @@
|
||||||
|
2020-03-20 Alan Modra <amodra@gmail.com>
|
||||||
|
|
||||||
|
* coff-rs6000.c (_bfd_xcoff_slurp_armap): Ensure size is large
|
||||||
|
enough to read number of symbols.
|
||||||
|
|
||||||
2020-03-20 Alan Modra <amodra@gmail.com>
|
2020-03-20 Alan Modra <amodra@gmail.com>
|
||||||
|
|
||||||
* elf.c (_bfd_elf_setup_sections): Don't test known non-NULL
|
* elf.c (_bfd_elf_setup_sections): Don't test known non-NULL
|
||||||
|
|
|
||||||
|
|
@ -1260,9 +1260,9 @@ _bfd_xcoff_slurp_armap (bfd *abfd)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
GET_VALUE_IN_FIELD (sz, hdr.size, 10);
|
GET_VALUE_IN_FIELD (sz, hdr.size, 10);
|
||||||
if (sz == (bfd_size_type) -1)
|
if (sz + 1 < 5)
|
||||||
{
|
{
|
||||||
bfd_set_error (bfd_error_no_memory);
|
bfd_set_error (bfd_error_bad_value);
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1322,9 +1322,9 @@ _bfd_xcoff_slurp_armap (bfd *abfd)
|
||||||
return FALSE;
|
return FALSE;
|
||||||
|
|
||||||
GET_VALUE_IN_FIELD (sz, hdr.size, 10);
|
GET_VALUE_IN_FIELD (sz, hdr.size, 10);
|
||||||
if (sz == (bfd_size_type) -1)
|
if (sz + 1 < 9)
|
||||||
{
|
{
|
||||||
bfd_set_error (bfd_error_no_memory);
|
bfd_set_error (bfd_error_bad_value);
|
||||||
return FALSE;
|
return FALSE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue