From f0b3dbfc47e96c4c0dfabb010e34923dedfaae87 Mon Sep 17 00:00:00 2001
From: Tristan Gingold <gingold@adacore.com>
Date: Wed, 9 Jun 2010 13:28:31 +0000
Subject: [PATCH] 2010-06-09 Tristan Gingold  <gingold@adacore.com>

	* bfdio.c (bfd_bread): Fix the code to prevent reading past the
	end of archive members.
---
 bfd/ChangeLog | 5 +++++
 bfd/bfdio.c   | 8 ++++++--
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 6c4e8ca..ea74ef9 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,8 @@
+2010-06-09 Tristan Gingold  <gingold@adacore.com>
+
+	* bfdio.c (bfd_bread): Fix the code to prevent reading past the
+	end of archive members.
+
 2010-06-08  Tristan Gingold  <gingold@adacore.com>
 
 	* som.c (som_bfd_free_cached_info): Do not free relocations as
diff --git a/bfd/bfdio.c b/bfd/bfdio.c
index 4c13a76..ce92781 100644
--- a/bfd/bfdio.c
+++ b/bfd/bfdio.c
@@ -180,8 +180,12 @@ bfd_bread (void *ptr, bfd_size_type size, bfd *abfd)
   if (abfd->arelt_data != NULL)
     {
       size_t maxbytes = ((struct areltdata *) abfd->arelt_data)->parsed_size;
-      if (size > maxbytes)
-	size = maxbytes;
+      if (abfd->where + size > maxbytes)
+        {
+          if (abfd->where >= maxbytes)
+            return 0;
+          size = maxbytes - abfd->where;
+        }
     }
 
   if (abfd->iovec)
-- 
2.7.4