Re: PR31692, objdump fails .debug_info size check

The fuzzers found a hole.  bfd_section_size_insane doesn't check
!SEC_HAS_CONTENTS sections against file size for obvious reasons,
which allows fuzzed debug sections to be stupidly large.  Real debug
sections of course always have contents.

	PR 31692
	* objdump.c (load_specific_debug_section): Don't allow sections
	without contents.
Alan Modra
2024-05-10 22:15:06 +09:30
parent a4f76c0765
commit ad658482c1


@@ -4307,6 +4307,9 @@ load_specific_debug_section (enum dwarf_section_display_enum debug,
return false;
}
ret = false;
if ((sec->flags & SEC_HAS_CONTENTS) != 0)
{
section->start = contents = xmalloc (alloced);
/* Ensure any string section has a terminating NUL. */
section->start[section->size] = 0;
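Review bot: the new `ret = false;` before the `SEC_HAS_CONTENTS` guard is what makes a contentless section fall through to the existing `if (!ret)` failure path instead of reaching `xmalloc (alloced)`, but nothing at the guard says why a section with a size but no contents is rejected. A one-line comment on the condition, along the lines of "bfd_section_size_insane cannot check !SEC_HAS_CONTENTS sections against the file size, so refuse them here", would keep the reasoning from the commit message next to the check that depends on it.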
@@ -4342,6 +4345,7 @@ load_specific_debug_section (enum dwarf_section_display_enum debug,
}
else
ret = bfd_get_full_section_contents (abfd, sec, &contents);
}
if (!ret)
{
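Review bot: the hunk headers (6 lines to 9 in the first hunk, 6 to 7 in this one) show that only the `ret = false;`, the `if`, and the two braces were added, so the roughly thirty lines now enclosed by the new block keep their previous indentation. GNU style would re-indent the enclosed body; doing that in a follow-up whitespace-only commit would keep this fix small and reviewable while leaving the file consistent.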