Date: Thu, 27 Oct 2022 18:06:08 +1030
From: Alan Modra
To: binutils@sourceware.org
Subject: Fuzzed files in archives

Given a fuzzed object file in an archive with section size exceeding file size, objcopy will report an error like "section size (0xfeffffff bytes) is larger than file size (0x17a bytes)" but will create a copy of the object laid out for the large section. That means a large temporary file on disk that is read back and written to the output archive, which can take a while. The output archive is then deleted due to the error. Avoid some of this silliness.

* objcopy.c (copy_section): If section contents cannot be read set output section size to zero.

diff --git a/binutils/objcopy.c b/binutils/objcopy.c index 6ffbdf9c681..d20aaef9f4f 100644 --- a/binutils/objcopy.c +++ b/binutils/objcopy.c
@@ -4418,6 +4418,7 @@ copy_section (bfd *ibfd, sec_ptr isection, void *obfdarg) || !bfd_convert_section_contents (ibfd, isection, obfd, &memhunk, &size)) { + bfd_set_section_size (osection, 0); status = 1; bfd_nonfatal_message (NULL, ibfd, isection, NULL); free (memhunk); -- Alan Modra Australia Development Lab, IBM
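
Review bot: The result of the added call "bfd_set_section_size (osection, 0);" in the read-failure branch of copy_section is discarded, so if the call does not take effect the output section keeps its oversized layout and the large temporary file described in the message is still written. Consider checking the return value here; status is already set to 1 on this path, so a failure only needs to be reported rather than handled separately. A one-line comment above the call would also help, saying the size is zeroed so the output is not laid out for a section whose contents could not be read, since that reasoning currently lives only in the commit message.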