From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1062) id 278BD3857B86; Sat, 13 Aug 2022 06:53:05 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 278BD3857B86 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Alan Modra To: bfd-cvs@sourceware.org Subject: [binutils-gdb] PR29482 - strip: heap-buffer-overflow X-Act-Checkin: binutils-gdb X-Git-Author: Alan Modra X-Git-Refname: refs/heads/master X-Git-Oldrev: 80075150727d653c39e9d037e15c6b87dcef08cd X-Git-Newrev: ef186fe54aa6d281a3ff8a9528417e5cc614c797 Message-Id: <20220813065305.278BD3857B86@sourceware.org> Date: Sat, 13 Aug 2022 06:53:05 +0000 (GMT) X-BeenThere: binutils-cvs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Binutils-cvs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Aug 2022 06:53:05 -0000 https://sourceware.org/git/gitweb.cgi?p=3Dbinutils-gdb.git;h=3Def186fe54aa6= d281a3ff8a9528417e5cc614c797 commit ef186fe54aa6d281a3ff8a9528417e5cc614c797 Author: Alan Modra Date: Sat Aug 13 15:32:47 2022 +0930 PR29482 - strip: heap-buffer-overflow =20 PR 29482 * coffcode.h (coff_set_section_contents): Sanity check _LIB. Diff: --- bfd/coffcode.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/bfd/coffcode.h b/bfd/coffcode.h index 67aaf158ca1..52027981c3f 100644 --- a/bfd/coffcode.h +++ b/bfd/coffcode.h @@ -4302,10 +4302,13 @@ coff_set_section_contents (bfd * abfd, =20 rec =3D (bfd_byte *) location; recend =3D rec + count; - while (rec < recend) + while (recend - rec >=3D 4) { + size_t len =3D bfd_get_32 (abfd, rec); + if (len =3D=3D 0 || len > (size_t) (recend - rec) / 4) + break; + rec +=3D len * 4; ++section->lma; - rec +=3D bfd_get_32 (abfd, rec) * 4; } =20 BFD_ASSERT (rec =3D=3D recend);