asan: heap buffer overflow in _bfd_elf_parse_attributes

* elf-attrs.c (_bfd_elf_parse_attributes): Break out of loop if
	subsection length is too small to cover tag and length field.
Alan Modra 2021-06-02 14:47:17 +09:30
parent 75bf2c9cf7
commit 45342c7c91
2 changed files with 8 additions and 3 deletions


@ -1,3 +1,8 @@
2021-06-02 Alan Modra <amodra@gmail.com>
* elf-attrs.c (_bfd_elf_parse_attributes): Break out of loop if
subsection length is too small to cover tag and length field.
2021-05-31 Nelson Chu <nelson.chu@sifive.com>
Lifang Xia <lifang_xia@c-sky.com>


@ -548,15 +548,15 @@ _bfd_elf_parse_attributes (bfd *abfd, Elf_Internal_Shdr * hdr)
}
else
{
subsection_len = 0;
p = p_end;
break;
}
if (subsection_len == 0)
break;
if (subsection_len > section_len)
subsection_len = section_len;
section_len -= subsection_len;
end = orig_p + subsection_len;
if (end < p)
break;
switch (tag)
{
case Tag_File:
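Review bot: The `if (end < p) break;` check that follows `end = orig_p + subsection_len;` has no comment explaining why an end pointer behind `p` is rejected, and it leaves the loop without the `p = p_end;` that the `else` branch performs before its own `break`. I would add `/* Subsection length does not cover the tag and length field already read: malformed input, stop parsing.  */` directly above the check. If the code after this loop keeps reading from `p`, setting `p = p_end;` in this branch as well would stop bytes of a malformed subsection from being interpreted as further attribute data; that code is outside the hunk, so this part is inferred. The rendered page has lost its +/- markers, and `_bfd_elf_parse_attributes` starts before and continues after the lines shown.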