/* BFD semi-generic back-end for a.out binaries.
- Copyright (C) 1990-2018 Free Software Foundation, Inc.
+ Copyright (C) 1990-2019 Free Software Foundation, Inc.
Written by Cygnus Support.
This file is part of BFD, the Binary File Descriptor library.
#define KEEPIT udata.i
#include "sysdep.h"
+#include <limits.h>
#include "bfd.h"
#include "safe-ctype.h"
#include "bfdlink.h"
#ifdef USE_MMAP
if (stringsize >= BYTES_IN_WORD)
{
- if (! bfd_get_file_window (abfd, obj_str_filepos (abfd), stringsize,
+ if (! bfd_get_file_window (abfd, obj_str_filepos (abfd), stringsize + 1,
&obj_aout_string_window (abfd), TRUE))
return FALSE;
strings = (char *) obj_aout_string_window (abfd).data;
else
#endif
{
- strings = (char *) bfd_malloc (stringsize);
+ strings = (char *) bfd_malloc (stringsize + 1);
if (strings == NULL)
return FALSE;
/* Ensure that a zero index yields an empty string. */
strings[0] = '\0';
- strings[stringsize - 1] = 0;
+ /* Ensure that the string buffer is NUL terminated. */
+ strings[stringsize] = 0;
obj_aout_external_strings (abfd) = strings;
obj_aout_external_string_size (abfd) = stringsize;
long
NAME (aout, get_reloc_upper_bound) (bfd *abfd, sec_ptr asect)
{
+ bfd_size_type count;
+
if (bfd_get_format (abfd) != bfd_object)
{
bfd_set_error (bfd_error_invalid_operation);
}
if (asect->flags & SEC_CONSTRUCTOR)
- return sizeof (arelent *) * (asect->reloc_count + 1);
-
- if (asect == obj_datasec (abfd))
- return sizeof (arelent *)
- * ((exec_hdr (abfd)->a_drsize / obj_reloc_entry_size (abfd))
- + 1);
-
- if (asect == obj_textsec (abfd))
- return sizeof (arelent *)
- * ((exec_hdr (abfd)->a_trsize / obj_reloc_entry_size (abfd))
- + 1);
-
- if (asect == obj_bsssec (abfd))
- return sizeof (arelent *);
-
- if (asect == obj_bsssec (abfd))
- return 0;
+ count = asect->reloc_count;
+ else if (asect == obj_datasec (abfd))
+ count = exec_hdr (abfd)->a_drsize / obj_reloc_entry_size (abfd);
+ else if (asect == obj_textsec (abfd))
+ count = exec_hdr (abfd)->a_trsize / obj_reloc_entry_size (abfd);
+ else if (asect == obj_bsssec (abfd))
+ count = 0;
+ else
+ {
+ bfd_set_error (bfd_error_invalid_operation);
+ return -1;
+ }
- bfd_set_error (bfd_error_invalid_operation);
- return -1;
+ if (count >= LONG_MAX / sizeof (arelent *))
+ {
+ bfd_set_error (bfd_error_file_too_big);
+ return -1;
+ }
+ return (count + 1) * sizeof (arelent *);
}
\f
long
const char *symname;
symname = q->symbol.name;
- if (strcmp (symname + strlen (symname) - 2, ".o") == 0)
+
+ if (symname != NULL
+ && strlen (symname) > 2
+ && strcmp (symname + strlen (symname) - 2, ".o") == 0)
{
if (q->symbol.value > low_line_vma)
{
case N_FUN:
{
/* We'll keep this if it is nearer than the one we have already. */
- if (q->symbol.value >= low_func_vma &&
- q->symbol.value <= offset)
+ if (q->symbol.value >= low_func_vma
+ && q->symbol.value <= offset)
{
low_func_vma = q->symbol.value;
func = (asymbol *)q;
projects / external / binutils.git / blobdiff