PR30657, gprof heap buffer overflow

PR 30657
	* cg_arcs.c (cg_assemble): Sanity check find_call addresses.
	* i386.c (i386_find_call): Don't access past end of core_text_space.
	* aarch64.c (aarch64_find_call): Round up lowpc, round down highpc.
	* alpha.c (alpha_find_call): Likewise.
	* mips.c (mips_find_call): Likewise.
	* sparc.c (sparc_find_call): Likewise.
	* vax.c (vax_find_call): Sanity check core_text_space accesses.
Alan Modra
2023-07-26 09:54:03 +09:30
parent eb14a8b4bf
commit 477c9f2ba2
7 changed files with 37 additions and 10 deletions


@@ -51,7 +51,9 @@ sparc_find_call (Sym *parent, bfd_vma p_lowpc, bfd_vma p_highpc)
DBG (CALLDEBUG, printf ("[find_call] %s: 0x%lx to 0x%lx\n",
parent->name, (unsigned long) p_lowpc,
(unsigned long) p_highpc));
for (pc = (p_lowpc + 3) & ~(bfd_vma) 3; pc < p_highpc; pc += 4)
p_lowpc = (p_lowpc + 3) & ~3;
p_highpc &= ~3;
for (pc = p_lowpc; pc < p_highpc; pc += 4)
{
insn = bfd_get_32 (core_bfd, ((unsigned char *) core_text_space
+ pc - core_text_sect->vma));
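Review bot: The 4-byte read at `core_text_space + pc - core_text_sect->vma` stays in bounds only if `p_lowpc` and `p_highpc` already lie inside the text section, and nothing in this hunk checks that; the rounding guarantees only that `pc + 4 <= p_highpc`. The commit description places that check in `cg_assemble`, which is not shown here, so a comment above the rounding such as `/* Caller ensures [p_lowpc, p_highpc) is within core_text_sect; rounding keeps every 4-byte read inside that range.  */` would record the dependency for any other caller of `sparc_find_call`. As a style point, the single-line `for` header (presumably the old side) masks with `~(bfd_vma) 3` while the two assignments use plain `~3`; the value is the same after integer conversion, but `p_highpc &= ~(bfd_vma) 3;` keeps the mask width explicit. The body of `sparc_find_call` starts before and continues past this hunk.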