The buffer_available overflow check wasn't complete. Also check nb
isn't too big.
https://sourceware.org/bugzilla/show_bug.cgi?id=28720
Signed-off-by: Mark Wielaard <mark@klomp.org>
+2022-01-03 Mark Wielaard <mark@klomp.org>
+
+ * link_map.c (read_addrs): Fix buffer_available nb overflow.
+
2021-12-23 Mark Wielaard <mark@klomp.org>
* link_map.c (read_addrs): Calculate addr to read by hand.
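Review bot: The new ChangeLog entry for read_addrs does not name the bug that the commit message links (bugzilla id 28720). Adding the bug reference to the "Fix buffer_available nb overflow." line would let someone reading only the ChangeLog trace the fix back to the report.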
/* Read a new buffer if the old one doesn't cover these words. */
if (*buffer == NULL
|| vaddr < *read_vaddr
- || vaddr - (*read_vaddr) + nb > *buffer_available)
+ || nb > *buffer_available
+ || vaddr - (*read_vaddr) > *buffer_available - nb)
{
release_buffer (closure, buffer, buffer_available, 0);
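Review bot: The last clause of the rewritten condition, `vaddr - (*read_vaddr) > *buffer_available - nb`, is only safe because of the clauses evaluated before it: `vaddr < *read_vaddr` keeps the left-hand subtraction from wrapping and `nb > *buffer_available` keeps the right-hand one from wrapping. Nothing in the code states that ordering dependency; the comment above still only says "Read a new buffer if the old one doesn't cover these words." Suggest extending that comment to say the checks are ordered and written as subtractions to avoid wraparound, so a later reorder or a simplification back to the additive form `vaddr - (*read_vaddr) + nb` does not reintroduce the overflow. The operand types are not visible in this hunk, so it is also worth confirming that all four values have the same unsigned width the subtraction form relies on.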