mirror of
https://git.yoctoproject.org/poky
synced 2026-03-06 15:29:40 +01:00
b3b3137754
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ef186fe54aa6d281a3ff8a9528417e5cc614c797] (From OE-Core rev: a7e44505667b60a160e9f1ad82105a181c747781) Signed-off-by: pgowda <pgowda.cve@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
37 lines
1.0 KiB
Diff
37 lines
1.0 KiB
Diff
From ef186fe54aa6d281a3ff8a9528417e5cc614c797 Mon Sep 17 00:00:00 2001
|
|
From: Alan Modra <amodra@gmail.com>
|
|
Date: Sat, 13 Aug 2022 15:32:47 +0930
|
|
Subject: [PATCH] PR29482 - strip: heap-buffer-overflow
|
|
|
|
PR 29482
|
|
* coffcode.h (coff_set_section_contents): Sanity check _LIB.
|
|
|
|
Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ef186fe54aa6d281a3ff8a9528417e5cc614c797]
|
|
|
|
Signed-off-by: Pgowda <pgowda.cve@gmail.com>
|
|
|
|
---
|
|
bfd/coffcode.h | 7 +++++--
|
|
1 file changed, 5 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/bfd/coffcode.h b/bfd/coffcode.h
|
|
index 67aaf158ca1..52027981c3f 100644
|
|
--- a/bfd/coffcode.h
|
|
+++ b/bfd/coffcode.h
|
|
@@ -4302,10 +4302,13 @@ coff_set_section_contents (bfd * abfd,
|
|
|
|
rec = (bfd_byte *) location;
|
|
recend = rec + count;
|
|
- while (rec < recend)
|
|
+ while (recend - rec >= 4)
|
|
{
|
|
+ size_t len = bfd_get_32 (abfd, rec);
|
|
+ if (len == 0 || len > (size_t) (recend - rec) / 4)
|
|
+ break;
|
|
+ rec += len * 4;
|
|
++section->lma;
|
|
- rec += bfd_get_32 (abfd, rec) * 4;
|
|
}
|
|
|
|
BFD_ASSERT (rec == recend);
|