From 4d3605c8ca92bcde848581a8ec031827c798501b Mon Sep 17 00:00:00 2001 From: Nikita Popov Date: Wed, 15 Dec 2021 17:49:06 +0000 Subject: [PATCH] Fix an undefined behaviour in the BFD library's DWARF parser. PR 28687 * dwarf1.c (parse_die): Fix undefined behaviour in range tests. --- bfd/ChangeLog | 5 +++++ bfd/dwarf1.c | 6 ++---- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 35b659b4ef9..24311710088 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,8 @@ +2021-12-15 Nikita Popov + + PR 28687 + * dwarf1.c (parse_die): Fix undefined behaviour in range tests. + 2021-11-17 Nick Clifton PR 28452 diff --git a/bfd/dwarf1.c b/bfd/dwarf1.c index f1c4e7ec48c..9f4665501b4 100644 --- a/bfd/dwarf1.c +++ b/bfd/dwarf1.c @@ -258,8 +258,7 @@ parse_die (bfd * abfd, if (xptr + 2 <= aDiePtrEnd) { block_len = bfd_get_16 (abfd, xptr); - if (xptr + block_len > aDiePtrEnd - || xptr + block_len < xptr) + if ((unsigned int) (aDiePtrEnd - xptr) < block_len) return false; xptr += block_len; } @@ -269,8 +268,7 @@ parse_die (bfd * abfd, if (xptr + 4 <= aDiePtrEnd) { block_len = bfd_get_32 (abfd, xptr); - if (xptr + block_len > aDiePtrEnd - || xptr + block_len < xptr) + if ((unsigned int) (aDiePtrEnd - xptr) < block_len) return false; xptr += block_len; }