projects / binutils-gdb.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3836e1d)
PR24785, bfd crashes on empty .PPC.EMB.apuinfo section
authorAlan Modra <amodra@gmail.com>
Mon, 8 Jul 2019 00:36:09 +0000 (10:06 +0930)
committerAlan Modra <amodra@gmail.com>
Mon, 8 Jul 2019 05:56:33 +0000 (15:26 +0930)
PR 24785
* elf32-ppc.c (_bfd_elf_ppc_set_arch): Sanity check .PPC.EMB.apuinfo
size before reading first word.

bfd/ChangeLog patch | blob | history
bfd/elf32-ppc.c patch | blob | history

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 1e2a3f1b79332809c2459a926cb25f9e61bbec48..7daec6bba79f86da28d4593ef091156c247de247 100644 (file)
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2019-07-08  Alan Modra  <amodra@gmail.com>
+
+       PR 24785
+       * elf32-ppc.c (_bfd_elf_ppc_set_arch): Sanity check .PPC.EMB.apuinfo
+       size before reading first word.
+
 2019-07-02  Nick Clifton  <nickc@redhat.com>
 
        PR 24717
diff --git a/bfd/elf32-ppc.c b/bfd/elf32-ppc.c
index df813d36cc5c5870fda44a0839f1e0710d34a7ce..ae03d72241672e8c9e1a4f88af344af84c324366 100644 (file)
--- a/bfd/elf32-ppc.c
+++ b/bfd/elf32-ppc.c
@@ -1077,7 +1077,9 @@ _bfd_elf_ppc_set_arch (bfd *abfd)
   if (mach == 0)
     {
       s = bfd_get_section_by_name (abfd, APUINFO_SECTION_NAME);
-      if (s != NULL && bfd_malloc_and_get_section (abfd, s, &contents))
+      if (s != NULL
+         && s->size >= 24
+         && bfd_malloc_and_get_section (abfd, s, &contents))
        {
          unsigned int apuinfo_size = bfd_get_32 (abfd, contents + 4);
          unsigned int i;