From d367307b93e5589245d1f2c8bbcfe709404540a8 Mon Sep 17 00:00:00 2001 From: Alan Modra Date: Sat, 17 Aug 2019 18:01:05 +0930 Subject: [PATCH] PR24911, Heap overflow issue in qsort_r, dwarf.c The actual args to this function are "pointers to pointers to debug_info". PR 24911 * dwarf.c (comp_addr_base): Dereference args. --- binutils/ChangeLog | 5 +++++ binutils/dwarf.c | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/binutils/ChangeLog b/binutils/ChangeLog index cf8eea7..7605a40 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog @@ -1,3 +1,8 @@ +2019-08-17 Alan Modra + + PR 24911 + * dwarf.c (comp_addr_base): Dereference args. + 2019-08-16 Alan Modra PR 24909 diff --git a/binutils/dwarf.c b/binutils/dwarf.c index d633832..b4738eb 100644 --- a/binutils/dwarf.c +++ b/binutils/dwarf.c @@ -6545,8 +6545,8 @@ display_debug_aranges (struct dwarf_section *section, static int comp_addr_base (const void * v0, const void * v1) { - debug_info * info0 = (debug_info *) v0; - debug_info * info1 = (debug_info *) v1; + debug_info *info0 = *(debug_info **) v0; + debug_info *info1 = *(debug_info **) v1; return info0->addr_base - info1->addr_base; } -- 2.7.4