Date: Fri, 18 Nov 2022 11:32:47 +1030
From: Alan Modra
To: binutils@sourceware.org
Subject: go32 sanity check

* coff-stgo32 (go32exe_check_format): Sanity check stubsize against filesize before malloc.

diff --git a/bfd/coff-stgo32.c b/bfd/coff-stgo32.c index cb0df389375..17271753a7a 100644 --- a/bfd/coff-stgo32.c +++ b/bfd/coff-stgo32.c @@ -291,6 +291,10 @@ go32exe_check_format (bfd *abfd) if (last_page_size != 0) stubsize += last_page_size - 512; + ufile_ptr filesize = bfd_get_file_size (abfd); + if (filesize != 0 && stubsize > filesize) + goto fail_format; + /* Save now the stub to be used later. Put the stub data to a temporary location first as tdata still does not exist. It may not even be ever created if we are just checking the file format of ABFD. */

-- 
Alan Modra
Australia Development Lab, IBM
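
Review bot: the "filesize != 0" guard in the added check means the bound is skipped whenever bfd_get_file_size returns 0, so on that path stubsize still reaches the allocation named in the commit message without any limit. A short comment stating what a zero return stands for here would make the intent clear, and it is worth considering whether stubsize needs some other upper bound in that case. Separately, "stubsize > filesize" accepts a stub that is exactly as large as the file; if anything has to follow the stub in a valid image, ">=" would be the tighter test.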