mirror/binutils-gdb
2
0
Fork 0
mirror of https://sourceware.org/git/binutils-gdb.git synced 2024-12-09 04:21:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix an invalid memory access triggered by running readelf on a fuzzed binary.

Browse Source 
PR binutils/17531
	* readelf.c (process_mips_specific): Fail if an option has an
	invalid size.
This commit is contained in:
Nick Clifton 2015-02-06 12:59:25 +00:00
parent 9e2dec4710
commit 5532504724
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
binutils/ChangeLog
View File

@ -8,6 +8,8 @@
* dwarf.c (xcmalloc): Fail if the arguments are too big.
(xcrealloc): Likewise.
(xcalloc2): Likewise.
* readelf.c (process_mips_specific): Fail if an option has an
invalid size.
2015-02-05 Alan Modra <amodra@gmail.com>

5
binutils/readelf.c
View File

@ -13880,9 +13880,8 @@ process_mips_specific (FILE * file)
if (option->size < sizeof (* eopt)
|| offset + option->size > sect->sh_size)
{
warn (_("Invalid size (%u) for MIPS option\n"), option->size);
option->size = sizeof (* eopt);
break;
error (_("Invalid size (%u) for MIPS option\n"), option->size);
return 0;
}
offset += option->size;