Fix a potential illegal memory access in the BFD library when parsing a corrupt DWARF...

author Nick Clifton <nickc@redhat.com>

Wed, 11 Jan 2023 12:12:25 +0000 (12:12 +0000)

committer Nick Clifton <nickc@redhat.com>

Wed, 11 Jan 2023 12:12:25 +0000 (12:12 +0000)
author Nick Clifton <nickc@redhat.com>
Wed, 11 Jan 2023 12:12:25 +0000 (12:12 +0000)
committer Nick Clifton <nickc@redhat.com>
Wed, 11 Jan 2023 12:12:25 +0000 (12:12 +0000)
diff --git a/bfd/ChangeLog b/bfd/ChangeLog

index 4219d03d258fb7e143af4a154083cc296d8290f2..2f2ee0d695e6536553c13770414c5fc21d7347df 100644 (file)
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2023-01-11  Nick Clifton  <nickc@redhat.com>
+
+       PR 29988
+       * dwarf2.c (read_indexed_address): Fix check for an out of range
+       offset.
+
  2023-01-06  Nick Clifton  <nickc@redhat.com>
  
         * po/ru.po: Updated Russian translation.
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c

index bd431805d2af622810b4a555857e5f6a56683adf..835851e6afc7eb75d2d0ab2387ce95c5b22c98bf 100644 (file)
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -1420,7 +1420,7 @@ read_indexed_address (uint64_t idx, struct comp_unit *unit)
    offset += unit->dwarf_addr_offset;
    if (offset < unit->dwarf_addr_offset
        || offset > file->dwarf_addr_size
-      || file->dwarf_addr_size - offset < unit->offset_size)
+      || file->dwarf_addr_size - offset < unit->addr_size)
      return 0;
  
    info_ptr = file->dwarf_addr_buffer + offset;
author	Nick Clifton <nickc@redhat.com>
	Wed, 11 Jan 2023 12:12:25 +0000 (12:12 +0000)
committer	Nick Clifton <nickc@redhat.com>
	Wed, 11 Jan 2023 12:12:25 +0000 (12:12 +0000)
bfd/ChangeLog		patch \| blob \| history
bfd/dwarf2.c		patch \| blob \| history