projects / binutils-gdb.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 400f0c9)
Avoid possible pointer wrap
authorAlan Modra <amodra@gmail.com>
Mon, 10 May 2021 00:26:43 +0000 (09:56 +0930)
committerAlan Modra <amodra@gmail.com>
Mon, 10 May 2021 00:33:00 +0000 (10:03 +0930)
PTR supplied to these macros can be read from user input, END is an
end of buffer pointer.  It's safer to do arithmetic on END than on PTR.

* dwarf.c (SAFE_BYTE_GET): Check bounds by subtracting amount from
END rather than adding amount to PTR.
(SAFE_SIGNED_BYTE_GET, SAFE_BYTE_GET64): Likewise.

binutils/ChangeLog patch | blob | history
binutils/dwarf.c patch | blob | history

diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index 302629794c0b010ff0df1575e5aabf7b0957b977..ae27252e982fcb48d176715d93462cb4760cc338 100644 (file)
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,9 @@
+2021-05-10  Alan Modra  <amodra@gmail.com>
+
+       * dwarf.c (SAFE_BYTE_GET): Check bounds by subtracting amount from
+       END rather than adding amount to PTR.
+       (SAFE_SIGNED_BYTE_GET, SAFE_BYTE_GET64): Likewise.
+
 2021-05-09  Alan Modra  <amodra@gmail.com>
 
        * objcopy.c (eq_string): Delete.
diff --git a/binutils/dwarf.c b/binutils/dwarf.c
index d93d9239684ad6f46f3a14317eefab035d7bb40b..c584f5b2a24f6c09860a45b94655173e05c61eb9 100644 (file)
--- a/binutils/dwarf.c
+++ b/binutils/dwarf.c
@@ -406,7 +406,7 @@ read_leb128 (unsigned char *data,
                 amount, (int) sizeof (VAL));   \
          amount = sizeof (VAL);                \
        }                                       \
-      if (((PTR) + amount) >= (END))           \
+      if ((PTR) >= (END) - amount)             \
        {                                       \
          if ((PTR) < (END))                    \
            amount = (END) - (PTR);             \
@@ -434,7 +434,7 @@ read_leb128 (unsigned char *data,
   do                                                   \
     {                                                  \
       unsigned int amount = (AMOUNT);                  \
-      if (((PTR) + amount) >= (END))                   \
+      if ((PTR) >= (END) - amount)                     \
        {                                               \
          if ((PTR) < (END))                            \
            amount = (END) - (PTR);                     \
@@ -460,7 +460,7 @@ read_leb128 (unsigned char *data,
 #define SAFE_BYTE_GET64(PTR, HIGH, LOW, END)           \
   do                                                   \
     {                                                  \
-      if (((PTR) + 8) <= (END))                                \
+      if ((PTR) <= (END) - 8)                          \
        {                                               \
          byte_get_64 ((PTR), (HIGH), (LOW));           \
        }                                               \