More fixes for invalid memory accesses triggered by fuzzed binaries.

PR binutils/17512 * nm.c (print_symbol): Add 'is_synthetic' parameter. Use it to help initialize the info.elfinfo field. (print_size_symbols): Add 'synth_count' parameter. Use it to set the is_synthetic parameter when calling print_symbol. (print_symbols): Likewise. (display_rel_file): Pass synth_count to printing function. (display_archive): Break loop if the last archive displayed matches the current archive. * size.c (display_archive): Likewise. * archive.c (do_slurp_bsd_armap): Make sure that the parsed sized is at least big enough for the header to be read. * elf32-i386.c (elf_i386_get_plt_sym_val): Skip unknown relocs. * mach-o.c (bfd_mach_o_get_synthetic_symtab): Add range checks. (bfd_mach_o_read_command): Prevetn duplicate error messages about unrecognized commands. * syms.c (_bfd_stab_section_find_nearest_line): Add range checks when indexing into the string table.
2025-12-29 10:30:46 +00:00 · 2015-01-05 23:13:50 +00:00
parent 82b1b41bcd
commit 896ca09813
9 changed files with 150 additions and 39 deletions
--- a/bfd/archive.c
+++ b/bfd/archive.c
@@ -903,7 +903,8 @@ do_slurp_bsd_armap (bfd *abfd)
  parsed_size = mapdata->parsed_size;
  free (mapdata);
  /* PR 17512: file: 883ff754.  */
-  if (parsed_size == 0)
+  /* PR 17512: file: 0458885f.  */
+  if (parsed_size < 4)
    return FALSE;

  raw_armap = (bfd_byte *) bfd_zalloc (abfd, parsed_size);