Resolve more problems with readelf uncovered by fuzzing binary files.
authorNick Clifton <nickc@redhat.com>
Fri, 21 Nov 2014 13:37:39 +0000 (13:37 +0000)
committerNick Clifton <nickc@redhat.com>
Fri, 21 Nov 2014 13:37:39 +0000 (13:37 +0000)
PR binutils/17531
* readelf.c (process_version_sections): Prevent an infinite loop
processing corrupt version need data.
(process_corefile_note_segment): Handle corrupt notes.

binutils/ChangeLog
binutils/readelf.c

index 8e3976ac44ef426768cd9b1d48ec2dc11f04ef6e..cc4590af376e4569049c07836572bbe41b1551ba 100644 (file)
@@ -1,3 +1,10 @@
+2014-11-21  Nick Clifton  <nickc@redhat.com>
+
+       PR binutils/17531
+       * readelf.c (process_version_sections): Prevent an infinite loop
+       processing corrupt version need data.
+       (process_corefile_note_segment): Handle corrupt notes.
+
 2014-11-21  Terry Guo  <terry.guo@arm.com>
 
        * readelf.c (arm_attr_tag_FP_arch): Extended to support FPv5.
index b7269d163e744a8b5ba5a45109a54b85aace574b..e8ce2793404b783772d8f7fbfd0556189ed1d3de 100644 (file)
@@ -9133,6 +9133,10 @@ process_version_sections (FILE * file)
                if (j < ent.vd_cnt)
                  printf (_("  Version def aux past end of section\n"));
 
+               /* PR 17531: file: id:000001,src:000172+005151,op:splice,rep:2.  */
+               if (idx + ent.vd_next <= idx)
+                 break;
+
                idx += ent.vd_next;
              }
 
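Review bot: The new guard `if (idx + ent.vd_next <= idx) break;` is only well-defined if `idx` is an unsigned type; its declaration is outside the hunk, and if it is signed the wrap the test looks for is undefined behaviour that an optimising compiler may assume never happens and discard the comparison, leaving the loop it is meant to stop. The comment above the guard names only the fuzzer test case and not the intent; a line such as `/* A zero or wrapping vd_next would leave idx unchanged and loop forever.  */` tells the next reader why the break exists. The ChangeLog entry describes this as corrupt version *need* data, while the fields touched here are `vd_cnt`/`vd_next` of the version definition loop, so one of the two should be corrected to match. The enclosing loop and process_version_sections continue outside the hunk.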
@@ -14686,6 +14690,9 @@ process_corefile_note_segment (FILE * file, bfd_vma offset, bfd_vma length)
 
       if (inote.descdata < (char *) external + min_notesz
          || next < (char *) external + min_notesz
+         /* PR binutils/17531: file: id:000000,sig:11,src:006986,op:havoc,rep:4.  */
+         || inote.namedata + inote.namesz < inote.namedata
+         || inote.descdata + inote.descsz < inote.descdata
          || data_remaining < (size_t)(next - (char *) external))
        {
          warn (_("note with invalid namesz and/or descsz found at offset 0x%lx\n"),
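Review bot: The two added tests compare `inote.namedata + inote.namesz` and `inote.descdata + inote.descsz` against their own base pointers, but forming a pointer past the end of the note buffer is undefined behaviour in C, and an optimising compiler that assumes pointers do not wrap may fold `p + n < p` to false, silently removing the very check the fuzzer case depends on. Rejecting the sizes directly avoids the pointer arithmetic: `|| inote.namesz > data_remaining || inote.descsz > data_remaining` placed before the existing `data_remaining <` comparison, assuming `data_remaining` is a size type as the `(size_t)` cast on the following line suggests. If the sizes must be related to the buffer positions, compute them as `size_t` offsets from `external` rather than as pointers. process_corefile_note_segment begins and continues outside the hunk.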
@@ -14704,7 +14711,6 @@ process_corefile_note_segment (FILE * file, bfd_vma offset, bfd_vma length)
       if (inote.namedata[inote.namesz - 1] != '\0')
        {
          temp = (char *) malloc (inote.namesz + 1);
-
          if (temp == NULL)
            {
              error (_("Out of memory allocating space for inote name\n"));