X-Git-Url: https://git.libre-soc.org/?a=blobdiff_plain;f=binutils%2Fsysdump.c;h=e9fa6382eadf0386c352eb46da585c561c20cb5f;hb=4bb8b8e9381bce9734454470ebd1572534e7514e;hp=37dd162218cc9ffa18946fbb626276dd9ab480db;hpb=b90efa5b79ac1524ec260f8eb89d1be37e0219a7;p=binutils-gdb.git diff --git a/binutils/sysdump.c b/binutils/sysdump.c index 37dd162218c..e9fa6382ead 100644 --- a/binutils/sysdump.c +++ b/binutils/sysdump.c @@ -1,5 +1,5 @@ /* Sysroff object format dumper. - Copyright (C) 1994-2015 Free Software Foundation, Inc. + Copyright (C) 1994-2022 Free Software Foundation, Inc. This file is part of GNU Binutils. @@ -38,21 +38,7 @@ static int code; static int addrsize = 4; static FILE *file; -static void dh (unsigned char *, int); -static void itheader (char *, int); -static void p (void); -static void tabout (void); -static void pbarray (barray *); -static int getone (int); -static int opt (int); -static void must (int); -static void tab (int, char *); -static void dump_symbol_info (void); static void derived_type (void); -static void module (void); -static void show_usage (FILE *, int); - -extern int main (int, char **); static char * getCHARS (unsigned char *ptr, int *idx, int size, int max) @@ -66,11 +52,20 @@ getCHARS (unsigned char *ptr, int *idx, int size, int max) if (b == 0) { + /* PR 17512: file: 13caced2. */ + if (oc >= max) + return _("*corrupt*"); /* Got to work out the length of the string from self. */ b = ptr[oc++]; (*idx) += 8; } + if (oc + b > size) + { + /* PR 28564 */ + return _("*corrupt*"); + } + *idx += b * 8; r = xcalloc (b + 1, 1); memcpy (r, ptr + oc, b); @@ -142,19 +137,21 @@ fillup (unsigned char *ptr) } static barray -getBARRAY (unsigned char *ptr, int *idx, int dsize ATTRIBUTE_UNUSED, - int max ATTRIBUTE_UNUSED) +getBARRAY (unsigned char *ptr, int *idx, int dsize ATTRIBUTE_UNUSED, int max) { barray res; int i; int byte = *idx / 8; - int size = ptr[byte++]; + int size = 0; + + if (byte < max) + size = ptr[byte++]; res.len = size; res.data = (unsigned char *) xmalloc (size); for (i = 0; i < size; i++) - res.data[i] = ptr[byte++]; + res.data[i] = byte < max ? ptr[byte++] : 0; return res; } @@ -166,7 +163,12 @@ getINT (unsigned char *ptr, int *idx, int size, int max) int byte = *idx / 8; if (byte >= max) - return 0; + { + /* PR 17512: file: id:000001,src:000002,op:flip1,pos:45. */ + /* Prevent infinite loops re-reading beyond the end of the buffer. */ + fatal (_("ICE: getINT: Out of buffer space")); + return 0; + } if (size == -2) size = addrsize; @@ -185,10 +187,11 @@ getINT (unsigned char *ptr, int *idx, int size, int max) n = (ptr[byte + 0] << 8) + ptr[byte + 1]; break; case 4: - n = (ptr[byte + 0] << 24) + (ptr[byte + 1] << 16) + (ptr[byte + 2] << 8) + (ptr[byte + 3]); + n = (((unsigned) ptr[byte + 0] << 24) + (ptr[byte + 1] << 16) + + (ptr[byte + 2] << 8) + (ptr[byte + 3])); break; default: - abort (); + fatal (_("Unsupported read size: %d"), size); } *idx += size * 8; @@ -615,6 +618,8 @@ module (void) do { c = getc (file); + if (c == EOF) + break; ungetc (c, file); c &= 0x7f; @@ -637,9 +642,7 @@ module (void) } } -char *program_name; - -static void +ATTRIBUTE_NORETURN static void show_usage (FILE *ffile, int status) { fprintf (ffile, _("Usage: %s [option(s)] in-file\n"), program_name); @@ -665,17 +668,16 @@ main (int ac, char **av) {NULL, no_argument, 0, 0} }; -#if defined (HAVE_SETLOCALE) && defined (HAVE_LC_MESSAGES) +#ifdef HAVE_LC_MESSAGES setlocale (LC_MESSAGES, ""); #endif -#if defined (HAVE_SETLOCALE) setlocale (LC_CTYPE, ""); -#endif bindtextdomain (PACKAGE, LOCALEDIR); textdomain (PACKAGE); program_name = av[0]; xmalloc_set_program_name (program_name); + bfd_set_error_program_name (program_name); expandargv (&ac, &av);