Automatic date update in version.in

[external/binutils.git] / bfd / archive64.c

diff --git a/bfd/archive64.c b/bfd/archive64.c
index 312bf82..a2c628e 100644 (file)
--- a/bfd/archive64.c
+++ b/bfd/archive64.c
@@ -90,7 +90,14 @@ _bfd_archive_64_bit_slurp_armap (bfd *abfd)
   ptrsize = 8 * nsymz;
 
   amt = carsym_size + stringsize + 1;
-  if (carsym_size < nsymz || ptrsize < nsymz || amt < nsymz)
+  if (/* Catch overflow in stringsize (and ptrsize) expression.  */
+      nsymz >= (bfd_size_type) -1 / 8
+      || stringsize > parsed_size
+      /* Catch overflow in carsym_size expression.  */
+      || nsymz > (bfd_size_type) -1 / sizeof (carsym)
+      /* Catch overflow in amt expression.  */
+      || amt <= carsym_size
+      || amt <= stringsize)
     {
       bfd_set_error (bfd_error_malformed_archive);
       return FALSE;
@@ -100,8 +107,6 @@ _bfd_archive_64_bit_slurp_armap (bfd *abfd)
     return FALSE;
   carsyms = ardata->symdefs;
   stringbase = ((char *) ardata->symdefs) + carsym_size;
-  stringbase[stringsize] = 0;
-  stringend = stringbase + stringsize;
 
   raw_armap = (bfd_byte *) bfd_alloc (abfd, ptrsize);
   if (raw_armap == NULL)
@@ -115,15 +120,17 @@ _bfd_archive_64_bit_slurp_armap (bfd *abfd)
       goto release_raw_armap;
     }
 
+  stringend = stringbase + stringsize;
+  *stringend = 0;
   for (i = 0; i < nsymz; i++)
     {
       carsyms->file_offset = bfd_getb64 (raw_armap + i * 8);
       carsyms->name = stringbase;
-      if (stringbase < stringend)
-       stringbase += strlen (stringbase) + 1;
+      stringbase += strlen (stringbase);
+      if (stringbase != stringend)
+       ++stringbase;
       ++carsyms;
     }
-  *stringbase = '\0';
 
   ardata->symdef_count = nsymz;
   ardata->first_file_filepos = bfd_tell (abfd);