FreeChainXenon/binutils-gdb
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix illegal memory access errors triggered by running srconv on fuzzed binaries.

Browse source 
PR binutils/17512
	* dwarf.c (read_leb128): Fix test for shift becoming too large.

	* coffgrok.c (do_define): Add check for type size overflow.
	* srconv.c (walk_tree_sfile): Check that enough sections are
	available before parsing.
	(prescan): Likewise.
This commit is contained in:
Nick Clifton 2015-02-13 12:14:05 +00:00
parent f641dd969f
commit 951eaaec17
3 changed files with 17 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

6
binutils/coffgrok.c
View file

@ -668,12 +668,10 @@ do_define (unsigned int i, struct coff_scope *b)
if (!is->init)
{
long high = s->where->offset + s->type->size;
is->low = s->where->offset;
is->high = high;
is->high = s->where->offset + s->type->size;
/* PR 17512: file: 37e7a80d. */
if (is->high != high)
if (is->high < s->where->offset)
fatal (_("Out of range type size: %u"), s->type->size);
is->init = 1;
is->parent = s->where->section;