From 7e8b60085eb3e6f2c41bc0c00c0d759fa7f72780 Mon Sep 17 00:00:00 2001
From: Nick Clifton
Date: Fri, 1 Sep 2017 11:20:51 +0100
Subject: [PATCH] Prevent an address violation parsing corrupt DWARF information by fixing the test for an overlong debug line info structure.
PR 22059
* dwarf2.c (decode_line_info): Fix test for an overlong line info structure.
---
 bfd/ChangeLog | 6 ++++++
 bfd/dwarf2.c | 6 +++---
 2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index e0dd88f..8c6e8b1 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,5 +1,11 @@
 2017-09-01 Nick Clifton
+ PR 22059
+ * dwarf2.c (decode_line_info): Fix test for an overlong line info
+ structure.
+
+2017-09-01 Nick Clifton
+
 PR 22058
 * elf-attrs.c (_bfd_elf_parse_attributes): Ensure that the attribute buffer is NUL terminated.
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
index 40a187a..856c963 100644
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -2096,12 +2096,12 @@ decode_line_info (struct comp_unit *unit, struct dwarf2_debug *stash)
 offset_size = 8;
 }
- if (lh.total_length > stash->dwarf_line_size)
+ if (unit->line_offset + lh.total_length > stash->dwarf_line_size)
 {
 _bfd_error_handler
 /* xgettext: c-format */
- (_("Dwarf Error: Line info data is bigger (%#Lx) than the section (%#Lx)"),
- lh.total_length, stash->dwarf_line_size);
+ (_("Dwarf Error: Line info data is bigger (%#Lx) than the space remaining in the section (%#Lx)"),
+ lh.total_length, stash->dwarf_line_size - unit->line_offset);
 bfd_set_error (bfd_error_bad_value);
 return NULL;
 }
--
2.7.4
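Review bot: The new bound `unit->line_offset + lh.total_length > stash->dwarf_line_size` in the bfd/dwarf2.c hunk can wrap when a corrupt header supplies a very large `total_length`, so the sum may come out small and pass the test it is meant to fail. The declarations are outside the hunk, so this assumes the addition is carried out in an unsigned type of fixed width. Comparing against the space that is left avoids the wrap and matches what the new message already prints: `if (lh.total_length > stash->dwarf_line_size - unit->line_offset)`. Both that form and the subtraction in the error message depend on `unit->line_offset` having been checked to be no larger than `stash->dwarf_line_size` before this point; decode_line_info starts and ends outside the hunk, so that check is not visible here and is worth confirming, ideally with a short comment above the test stating the invariant.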