More fixes for buffer overruns instigated by corrupt binaries.

PR binutils/17512
	* objdump.c (slurp_symtab): Fail gracefully if the table could not
	be read.
	(dump_relocs_in_section): Likewise.

	* aoutx.h (slurp_symbol_table): Check that computed table size is
	not bigger than the file from which it is being read.
	(slurp_reloc_table): Likewise.
	* coffcode.h (coff_slurp_line_table): Remove unneeded local
	'warned'.  Do not try to print the details of a symbol with an
	invalid index.
	* coffgen.c (make_a_section_from_file): Check computed string
	index against length of string table.
	(bfd_coff_internal_syment_name): Check read in string offset
	against length of string table.
	(build_debug_section): Return a pointer to the section used.
	(_bfd_coff_read_string_table): Store the length of the string
	table in the coff_tdata structure.
	(bfd_coff_free_symbols): Set the length of the string table to
	zero when it is freed.
	(coff_get_normalized_symtab): Check offsets against string table
	or data table lengths as appropriate.
	* cofflink.c (_bfd_coff_link_input_bfd): Check offset against
	length of string table.
	* compress.c (bfd_get_full_section_contents): Check computed size
	against the size of the file.
	* libcoff-in.h (obj_coff_strings_len): Define.
	(struct coff_tdata): Add strings_len field.
	* libcoff.h: Regenerate.
	* peXXigen.c (pe_print_debugdata): Do not attempt to print the
	data if the debug section is too small.
	* xcofflink.c (xcoff_link_input_bfd): Check offset against
	length of string table.
Nick Clifton
2014-11-03 17:44:00 +00:00
parent ba241f2d5a
commit 5a3f568b70
12 changed files with 140 additions and 32 deletions

@@ -562,7 +562,10 @@ slurp_symtab (bfd *abfd)
storage = bfd_get_symtab_upper_bound (abfd);
if (storage < 0)
bfd_fatal (bfd_get_filename (abfd));
{
non_fatal (_("failed to read symbol table from: %s"), bfd_get_filename (abfd));
bfd_fatal (_("error message was"));
}
if (storage)
sy = (asymbol **) xmalloc (storage);
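Review bot: The new block under `if (storage < 0)` in slurp_symtab still ends in bfd_fatal, so objdump terminates on the first symbol table it cannot read instead of moving on to the next input file or archive member. If "fail gracefully" is meant to cover continuing, consider reporting with non_fatal alone and returning an empty table from this branch, provided the callers cope with that. The non_fatal line is also well over 80 columns; wrap `bfd_get_filename (abfd)` onto its own line.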
@@ -3108,7 +3111,11 @@ dump_relocs_in_section (bfd *abfd,
relcount = bfd_canonicalize_reloc (abfd, section, relpp, syms);
if (relcount < 0)
bfd_fatal (bfd_get_filename (abfd));
{
printf ("\n");
non_fatal (_("failed to read relocs in: %s"), bfd_get_filename (abfd));
bfd_fatal (_("error message was"));
}
else if (relcount == 0)
printf (" (none)\n\n");
else
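Review bot: The `relcount < 0` branch in dump_relocs_in_section repeats the non_fatal plus `bfd_fatal (_("error message was"))` pair from slurp_symtab, and the translatable string "error message was" is a sentence fragment that gives translators no context and splits one diagnostic across two lines. A small shared helper that takes the description and the bfd and emits a single message would remove the duplication. Note too that the `printf ("\n")` goes to stdout while the diagnostic goes to stderr, so the blank line ends up in the listing rather than next to the error when the two streams are redirected separately.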