+2005-06-14 Jakub Jelinek <jakub@redhat.com>
+
+ * elf.c (bfd_section_from_shdr): Fail if name is NULL.
+ Prevent endless recursion on broken objects.
+
+ * archive.c (do_slurp_coff_armap): Check for overflows.
+
2005-06-10 Daniel Jacobowitz <dan@codesourcery.com>
* elfcode.h (elf_write_relocs): Do nothing if there are no
/* The coff armap must be read sequentially. So we construct a
bsd-style one in core all at once, for simplicity. */
+ if (nsymz > ~ (bfd_size_type) 0 / sizeof (carsym))
+ return FALSE;
+
carsym_size = (nsymz * sizeof (carsym));
ptrsize = (4 * nsymz);
+ if (carsym_size + stringsize + 1 <= carsym_size)
+ return FALSE;
+
ardata->symdefs = bfd_zalloc (abfd, carsym_size + stringsize + 1);
if (ardata->symdefs == NULL)
return FALSE;
name = bfd_elf_string_from_elf_section (abfd,
elf_elfheader (abfd)->e_shstrndx,
hdr->sh_name);
+ if (name == NULL)
+ return FALSE;
switch (hdr->sh_type)
{
Elf_Internal_Shdr *hdr2 = elf_elfsections (abfd)[i];
if (hdr2->sh_link == shindex)
{
+ /* Prevent endless recursion on broken objects. */
+ if (i == shindex)
+ return FALSE;
if (! bfd_section_from_shdr (abfd, i))
return FALSE;
if (elf_onesymtab (abfd) == i)
return _bfd_elf_make_section_from_shdr (abfd, hdr, name,
shindex);
+ /* Prevent endless recursion on broken objects. */
+ if (elf_elfsections (abfd)[hdr->sh_info]->sh_type == SHT_REL
+ || elf_elfsections (abfd)[hdr->sh_info]->sh_type == SHT_RELA)
+ return FALSE;
if (! bfd_section_from_shdr (abfd, hdr->sh_info))
return FALSE;
target_sect = bfd_section_from_elf_index (abfd, hdr->sh_info);
projects / external / binutils.git / commitdiff