Prevent an attempt to allocate an excessive amount of memory when dumping the symbols...

	PR 24707
	* objdump.c (slurp_symtab): Fail with a helpful error message if
	the symbol table is too large.

diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index 07c8bb69d2af7bf6d53ed96d08ff525a51a1d915..e9f83e6413f95c0fb509a6940fed3adaaec07441 100644 (file)
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,9 @@
+2019-06-28  Nick Clifton  <nickc@redhat.com>
+
+       PR 24707
+       * objdump.c (slurp_symtab): Fail with a helpful error message if
+       the symbol table is too large.
+
 2019-06-26  Nick Clifton  <nickc@redhat.com>
 
        PR 24703

diff --git a/binutils/objdump.c b/binutils/objdump.c
index 7a4e7e4b494a0607418bd442aa2bfeb675e73dbb..32e6f24f7b4744cc9a8090b142396b0e1e5ca356 100644 (file)
--- a/binutils/objdump.c
+++ b/binutils/objdump.c
@@ -704,7 +704,22 @@ slurp_symtab (bfd *abfd)
       bfd_fatal (_("error message was"));
     }
   if (storage)
-    sy = (asymbol **) xmalloc (storage);
+    {
+      off_t filesize = bfd_get_file_size (abfd);
+
+      /* qv PR 24707.  */
+      if (filesize > 0 && filesize < storage)
+       {
+         bfd_nonfatal_message (bfd_get_filename (abfd), abfd, NULL,
+                               _("error: symbol table size (%#lx) is larger than filesize (%#lx)"),
+                       storage, (long) filesize);
+         exit_status = 1;
+         symcount = 0;
+         return NULL;
+       }
+
+      sy = (asymbol **) xmalloc (storage);
+    }
 
   symcount = bfd_canonicalize_symtab (abfd, sy);
   if (symcount < 0)