Toolchain/binutils-gdb
1
0
Fork 0
forked from Imagelibrary/binutils-gdb
Code Pull Requests Activity

reloc_upper_bound size calculations

Browse Source 
Section reloc_count is an unsigned int.  Adding one for a NULL
terminator to an array of arelent pointers can wrap the count to
zero.  Avoid that by doing the addition as longs.

	* coffgen.c (coff_get_reloc_upper_bound): Don't overflow unsigned
	int expression.
	* elf.c (_bfd_elf_get_reloc_upper_bound): Likewise.
	* elf64-sparc.c (elf64_sparc_get_reloc_upper_bound): Likewise.
	* mach-o.c (bfd_mach_o_get_reloc_upper_bound): Likewise.
	* vms-alpha.c (alpha_vms_get_reloc_upper_bound): Likewise.
This commit is contained in:
Alan Modra
2021-07-30 12:58:12 +09:30
parent 472dd8b357
commit 5cfe19e51e
5 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
bfd/coffgen.c
View File

@@ -1996,7 +1996,7 @@ coff_get_reloc_upper_bound (bfd *abfd, sec_ptr asect)
return -1;
}
#endif
return (asect->reloc_count + 1) * sizeof (arelent *);
return (asect->reloc_count + 1L) * sizeof (arelent *);
}
asymbol *