From: Nick Clifton Date: Mon, 5 Dec 2016 16:00:43 +0000 (+0000) Subject: Fix seg-fault in linker when passed a bogus input script. X-Git-Tag: users/ARM/embedded-binutils-2_28-branch-2017q1~289 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=406bd128dba2a59d0736839fc87a59bce319076c;p=external%2Fbinutils.git Fix seg-fault in linker when passed a bogus input script. PR ld/20906 * ldlex.l: Check for bogus strings in linker scripts. --- diff --git a/ld/ChangeLog b/ld/ChangeLog index 3529834..19e94e9 100644 --- a/ld/ChangeLog +++ b/ld/ChangeLog @@ -1,3 +1,8 @@ +2016-12-05 Nick Clifton + + PR ld/20906 + * ldlex.l: Check for bogus strings in linker scripts. + 2016-12-05 Alyssa Milburn * testsuite/ld-sparc/wdispcall.s: New file. diff --git a/ld/ldlex.l b/ld/ldlex.l index e1394a0..cd21c58 100644 --- a/ld/ldlex.l +++ b/ld/ldlex.l @@ -415,9 +415,15 @@ V_IDENTIFIER [*?.$_a-zA-Z\[\]\-\!\^\\]([*?.$_a-zA-Z0-9\[\]\-\!\^\\]|::)* "\""[^\"]*"\"" { /* No matter the state, quotes - give what's inside */ + give what's inside. */ + bfd_size_type len; yylval.name = xstrdup (yytext + 1); - yylval.name[yyleng - 2] = 0; + /* PR ld/20906. A corrupt input file + can contain bogus strings. */ + len = strlen (yylval.name); + if (len > yyleng - 2) + len = yyleng - 2; + yylval.name[len] = 0; return NAME; } "\n" { lineno++;}