mirror/binutils-gdb
2
0
Fork 0
mirror of https://sourceware.org/git/binutils-gdb.git synced 2025-01-06 12:09:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

objdump: file name table entry count check

Browse Source 
Fuzzers have found that objdump -W takes a really long time if
the entry count uleb is ridiculously large, and format attributes
don't consume data (which doesn't make sense for a table of names).

	* dwarf.c (display_formatted_table): Sanity check count of
	table entries.
This commit is contained in:
Alan Modra 2023-08-22 11:41:37 +09:30
parent 5bf26ab7cb
commit 8032f75b29
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
binutils/dwarf.c
View File

@ -4313,10 +4313,10 @@ display_formatted_table (unsigned char *data,
printf (_("\n The %s is empty.\n"), table_name);
return data;
}
else if (data >= end)
else if (data >= end
|| data_count > (size_t) (end - data))
{
warn (_("%s: Corrupt entry count - expected %#" PRIx64
" but none found\n"), table_name, data_count);
warn (_("%s: Corrupt entry count %#" PRIx64 "\n"), table_name, data_count);
return data;
}