From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <amodra@sourceware.org>
Received: by sourceware.org (Postfix, from userid 1062)
 id 4479D3858C54; Wed,  4 Jan 2023 13:32:18 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 4479D3858C54
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
From: Alan Modra <amodra@sourceware.org>
To: bfd-cvs@sourceware.org
Subject: [binutils-gdb] objcopy fuzzed pe out of memory
X-Act-Checkin: binutils-gdb
X-Git-Author: Alan Modra <amodra@gmail.com>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 3bba9d93294a8172018731477df72c1c3ef42136
X-Git-Newrev: fa19218f8b4ec6bc2d7da6b20dce5f2cd22072bd
Message-Id: <20230104133218.4479D3858C54@sourceware.org>
Date: Wed,  4 Jan 2023 13:32:18 +0000 (GMT)
X-BeenThere: binutils-cvs@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Binutils-cvs mailing list <binutils-cvs.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/binutils-cvs>,
 <mailto:binutils-cvs-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/binutils-cvs/>
List-Help: <mailto:binutils-cvs-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/binutils-cvs>,
 <mailto:binutils-cvs-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2023 13:32:18 -0000

https://sourceware.org/git/gitweb.cgi?p=3Dbinutils-gdb.git;h=3Dfa19218f8b4e=
c6bc2d7da6b20dce5f2cd22072bd

commit fa19218f8b4ec6bc2d7da6b20dce5f2cd22072bd
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Jan 4 23:00:12 2023 +1030

    objcopy fuzzed pe out of memory
   =20
    This occurs when attempting to read back a section from the output
    file in _bfd_XX_bfd_copy_private_bfd_data_common.  The copy of the
    section failed size sanity checking, thus it won't be written.
   =20
            * objcopy.c (copy_object): Return false if copy_section or
            copy_relocations_in_section fails.

Diff:
---
 binutils/objcopy.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/binutils/objcopy.c b/binutils/objcopy.c
index 4d888906e67..80a5d52e227 100644
--- a/binutils/objcopy.c
+++ b/binutils/objcopy.c
@@ -3328,9 +3328,13 @@ copy_object (bfd *ibfd, bfd *obfd, const bfd_arch_in=
fo_type *input_arch)
=20
   /* This has to happen before section positions are set.  */
   bfd_map_over_sections (ibfd, copy_relocations_in_section, obfd);
+  if (status !=3D 0)
+    return false;
=20
   /* This has to happen after the symbol table has been set.  */
   bfd_map_over_sections (ibfd, copy_section, obfd);
+  if (status !=3D 0)
+    return false;
=20
   if (add_sections !=3D NULL)
     {