mirror/binutils-gdb
2
0
Fork 0
mirror of https://sourceware.org/git/binutils-gdb.git synced 2024-11-21 01:12:32 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix a memory exhaustion bug when attempting to allocate room for an impossible number of program headers.

Browse Source 
* elfcode.h (elf_object_p): Check for corrupt input files with
	more program headers than can actually fit in the file.
This commit is contained in:
Nick Clifton 2018-11-30 11:45:33 +00:00
parent beab453223
commit 5f60af5d24
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
bfd/ChangeLog
View File

@ -1,3 +1,8 @@
2018-11-30 Nick Clifton <nickc@redhat.com>
* elfcode.h (elf_object_p): Check for corrupt input files with
more program headers than can actually fit in the file.
2018-11-30 Nick Clifton <nickc@redhat.com>
PR 23932

5
bfd/elfcode.h
View File

@ -784,6 +784,11 @@ elf_object_p (bfd *abfd)
if (i_ehdrp->e_phnum > ((bfd_size_type) -1) / sizeof (*i_phdr))
goto got_wrong_format_error;
#endif
/* Check for a corrupt input file with an impossibly large number
of program headers. */
if (bfd_get_file_size (abfd) > 0
&& i_ehdrp->e_phnum > bfd_get_file_size (abfd))
goto got_no_match;
amt = (bfd_size_type) i_ehdrp->e_phnum * sizeof (*i_phdr);
elf_tdata (abfd)->phdr = (Elf_Internal_Phdr *) bfd_alloc (abfd, amt);
if (elf_tdata (abfd)->phdr == NULL)