+2017-06-26 Nick Clifton <nickc@redhat.com>
+
+ PR binutils/21665
+ * opncls.c (get_build_id): Check that the section is beig enough
+ to contain the whole note.
+ * compress.c (bfd_get_full_section_contents): Check for and reject
+ a section whoes size is greater than the size of the entire file.
+ * elf32-v850.c (v850_elf_copy_notes): Allow for the ouput to not
+ contain a notes section.
+
2017-06-26 Andreas Krebbel <krebbel@linux.vnet.ibm.com>
* elf64-s390.c (elf_s390_additional_program_headers): Add NULL
*ptr = NULL;
return TRUE;
}
+ else if (bfd_get_file_size (abfd) > 0
+ && sz > (bfd_size_type) bfd_get_file_size (abfd))
+ {
+ *ptr = NULL;
+ return FALSE;
+ }
switch (sec->compress_status)
{
BFD_ASSERT (bfd_malloc_and_get_section (ibfd, inotes, & icont));
if ((ocont = elf_section_data (onotes)->this_hdr.contents) == NULL)
- BFD_ASSERT (bfd_malloc_and_get_section (obfd, onotes, & ocont));
+ /* If the output is being stripped then it is possible for
+ the notes section to disappear. In this case do nothing. */
+ return;
/* Copy/overwrite notes from the input to the output. */
memcpy (ocont, icont, bfd_section_size (obfd, onotes));
Elf_External_Note *enote;
bfd_byte *contents;
asection *sect;
+ bfd_size_type size;
BFD_ASSERT (abfd);
return NULL;
}
+ size = bfd_get_section_size (sect);
/* FIXME: Should we support smaller build-id notes ? */
- if (bfd_get_section_size (sect) < 0x24)
+ if (size < 0x24)
{
bfd_set_error (bfd_error_invalid_operation);
return NULL;
return NULL;
}
+ /* FIXME: Paranoia - allow for compressed build-id sections.
+ Maybe we should complain if this size is different from
+ the one obtained above... */
+ size = bfd_get_section_size (sect);
+ if (size < sizeof (Elf_External_Note))
+ {
+ bfd_set_error (bfd_error_invalid_operation);
+ free (contents);
+ return NULL;
+ }
+
enote = (Elf_External_Note *) contents;
inote.type = H_GET_32 (abfd, enote->type);
inote.namesz = H_GET_32 (abfd, enote->namesz);
if (inote.descsz == 0
|| inote.type != NT_GNU_BUILD_ID
|| inote.namesz != 4 /* sizeof "GNU" */
- || strcmp (inote.namedata, "GNU") != 0)
+ || strncmp (inote.namedata, "GNU", 4) != 0
+ || size < (12 + BFD_ALIGN (inote.namesz, 4) + inote.descsz))
{
free (contents);
bfd_set_error (bfd_error_invalid_operation);
2017-06-26 Nick Clifton <nickc@redhat.com>
+ PR binutils/21665
+ * objdump.c (disassemble_section): Skip any section that is bigger
+ than the entire file.
+
+2017-06-26 Nick Clifton <nickc@redhat.com>
+
PR binutils/21659
* bucomm.c (get_file_size): Explicitly warn if the file is a
directory.
return;
datasize = bfd_get_section_size (section);
- if (datasize == 0)
+ if (datasize == 0 || datasize >= (bfd_size_type) bfd_get_file_size (abfd))
return;
if (start_address == (bfd_vma) -1
static void
dump_section (bfd *abfd, asection *section, void *dummy ATTRIBUTE_UNUSED)
{
- bfd_byte *data = 0;
+ bfd_byte *data = NULL;
bfd_size_type datasize;
bfd_vma addr_offset;
bfd_vma start_offset;
projects / external / binutils.git / commitdiff