Toolchain/binutils-gdb
1
0
Fork 0
forked from Imagelibrary/binutils-gdb
Code Pull Requests Activity

PR27291, integer overflow in bfd_get_section_contents

Browse Source 
Makes the code a little more elegant too.  Note that the unsigned
overflow reported here is well defined so this patch doesn't fix any
real problem.

	PR 27291
	* section.c (bfd_get_section_contents): Avoid possible overflow
	when range checking offset and count.
	(bfd_set_section_contents): Likewise.
This commit is contained in:
Alan Modra
2021-02-11 09:53:17 +10:30
parent 160fe19337
commit 6db658c517
2 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
bfd/ChangeLog
View File

@@ -1,3 +1,10 @@
2021-02-11 Alan Modra <amodra@gmail.com>
PR 27291
* section.c (bfd_get_section_contents): Avoid possible overflow
when range checking offset and count.
(bfd_set_section_contents): Likewise.
2021-02-03 Nick Alcock <nick.alcock@oracle.com>
* configure.ac (SHARED_LIBADD): Remove explicit -lintl population in

6
bfd/section.c
View File

@@ -1498,8 +1498,7 @@ bfd_set_section_contents (bfd *abfd,
sz = section->size;
if ((bfd_size_type) offset > sz
|| count > sz
|| offset + count > sz
|| count > sz - offset
|| count != (size_t) count)
{
bfd_set_error (bfd_error_bad_value);
@@ -1569,8 +1568,7 @@ bfd_get_section_contents (bfd *abfd,
else
sz = section->size;
if ((bfd_size_type) offset > sz
|| count > sz
|| offset + count > sz
|| count > sz - offset
|| count != (size_t) count)
{
bfd_set_error (bfd_error_bad_value);