Date: Wed, 5 Oct 2022 14:52:24 +1030
From: Alan Modra
To: binutils@sourceware.org
Subject: Re: stab nearest_line bfd_malloc_and_get_section

It didn't take long for the fuzzers to avoid size checks in bfd_malloc_and_get_section. Plug this hole.

* syms.c (_bfd_stab_section_find_nearest_line): Ignore fuzzed sections with no contents.

diff --git a/bfd/syms.c b/bfd/syms.c index e8077f59bf0..c9d27ebe5d4 100644 --- a/bfd/syms.c +++ b/bfd/syms.c @@ -1019,6 +1019,10 @@ _bfd_stab_section_find_nearest_line (bfd *abfd, return true; } + if ((info->stabsec->flags & SEC_HAS_CONTENTS) == 0 + || (info->strsec->flags & SEC_HAS_CONTENTS) == 0) + goto out; + stabsize = (info->stabsec->rawsize ? info->stabsec->rawsize : info->stabsec->size);

-- 
Alan Modra
Australia Development Lab, IBM
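
Review bot: the added SEC_HAS_CONTENTS test on info->stabsec and info->strsec, placed just before stabsize is computed, has no comment saying why a section without contents must be rejected at this point; the reason (fuzzed input avoiding the size checks in bfd_malloc_and_get_section) is recorded only in the commit message. A one-line comment above the "if" would keep the test from being dropped later as redundant. Because "goto out" is taken before stabsize is assigned, it is also worth confirming that nothing reached from the "out" label reads stabsize or the section buffers that would have been loaded after this point.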