mirrors/binutils-gdb
0
0
Fork 0
mirror of https://sourceware.org/git/binutils-gdb.git synced 2024-12-03 23:34:02 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

PR22746, crash when running 32-bit objdump on corrupted file

Browse Source 
Avoid unsigned int overflow by performing bfd_size_type multiplication.

	PR 22746
	* elfcode.h (elf_object_p): Avoid integer overflow.
This commit is contained in:
Alan Modra 2018-01-25 21:47:41 +10:30
parent bb363086e7
commit 38e64b0ecc
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
bfd/ChangeLog
View File

@ -1,3 +1,8 @@
2018-01-25 Alan Modra <amodra@gmail.com>
PR 22746
* elfcode.h (elf_object_p): Avoid integer overflow.
2018-01-25 Eric Botcazou <ebotcazou@adacore.com>
PR ld/22727

4
bfd/elfcode.h
View File

@ -680,7 +680,7 @@ elf_object_p (bfd *abfd)
if (i_ehdrp->e_shnum > ((bfd_size_type) -1) / sizeof (*i_shdrp))
goto got_wrong_format_error;
#endif
amt = sizeof (*i_shdrp) * i_ehdrp->e_shnum;
amt = sizeof (*i_shdrp) * (bfd_size_type) i_ehdrp->e_shnum;
i_shdrp = (Elf_Internal_Shdr *) bfd_alloc (abfd, amt);
if (!i_shdrp)
goto got_no_match;
@ -776,7 +776,7 @@ elf_object_p (bfd *abfd)
if (i_ehdrp->e_phnum > ((bfd_size_type) -1) / sizeof (*i_phdr))
goto got_wrong_format_error;
#endif
amt = i_ehdrp->e_phnum * sizeof (*i_phdr);
amt = (bfd_size_type) i_ehdrp->e_phnum * sizeof (*i_phdr);
elf_tdata (abfd)->phdr = (Elf_Internal_Phdr *) bfd_alloc (abfd, amt);
if (elf_tdata (abfd)->phdr == NULL)
goto got_no_match;