From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <amodra@sourceware.org>
Received: by sourceware.org (Postfix, from userid 1062)
 id 20D883858C54; Wed, 29 Mar 2023 02:50:05 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 20D883858C54
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
From: Alan Modra <amodra@sourceware.org>
To: bfd-cvs@sourceware.org
Subject: [binutils-gdb] Sanity check section size in
 bfd_init_section_compress_status
X-Act-Checkin: binutils-gdb
X-Git-Author: Alan Modra <amodra@gmail.com>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 647744420e69bf5fc8f5ab88a9d7dabd6087a890
X-Git-Newrev: aec101ab06697221d2bc2f82b3a65fb92054ed9f
Message-Id: <20230329025005.20D883858C54@sourceware.org>
Date: Wed, 29 Mar 2023 02:50:05 +0000 (GMT)
X-BeenThere: binutils-cvs@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Binutils-cvs mailing list <binutils-cvs.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/binutils-cvs>,
 <mailto:binutils-cvs-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/binutils-cvs/>
List-Help: <mailto:binutils-cvs-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/binutils-cvs>,
 <mailto:binutils-cvs-request@sourceware.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Mar 2023 02:50:05 -0000

https://sourceware.org/git/gitweb.cgi?p=3Dbinutils-gdb.git;h=3Daec101ab0669=
7221d2bc2f82b3a65fb92054ed9f

commit aec101ab06697221d2bc2f82b3a65fb92054ed9f
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Mar 29 12:45:16 2023 +1030

    Sanity check section size in bfd_init_section_compress_status
   =20
    This function doesn't just initialise for compression, it actually
    compresses.  This patch sanity checks section size before allocating
    buffers for the uncompressed contents.
   =20
            * compress.c (bfd_init_section_compress_status): Sanity check
            section size.

Diff:
---
 bfd/compress.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bfd/compress.c b/bfd/compress.c
index 39f9c50a445..844328b27a9 100644
--- a/bfd/compress.c
+++ b/bfd/compress.c
@@ -1065,7 +1065,8 @@ bfd_init_section_compress_status (bfd *abfd, sec_ptr =
sec)
       || sec->size =3D=3D 0
       || sec->rawsize !=3D 0
       || sec->contents !=3D NULL
-      || sec->compress_status !=3D COMPRESS_SECTION_NONE)
+      || sec->compress_status !=3D COMPRESS_SECTION_NONE
+      || _bfd_section_size_insane (abfd, sec))
     {
       bfd_set_error (bfd_error_invalid_operation);
       return false;