Fix buffer read overrun by ensuring that DWARF sections containing strings always...
authorNick Clifton <nickc@redhat.com>
Thu, 31 Aug 2017 16:03:23 +0000 (17:03 +0100)
committerNick Clifton <nickc@redhat.com>
Thu, 31 Aug 2017 16:03:23 +0000 (17:03 +0100)
PR 22047
* dwarf2.c (read_section): If necessary add a terminating NUL byte
to dwarf string sections.

bfd/ChangeLog
bfd/dwarf2.c

index 1a3cc5106e5a1f0413b1e16425fe6477862359e9..368b558697407c6b94d234997b7215683cec783a 100644 (file)
@@ -1,3 +1,9 @@
+2017-08-31  Nick Clifton  <nickc@redhat.com>
+
+       PR 22047
+       * dwarf2.c (read_section): If necessary add a terminating NUL byte
+       to dwarf string sections.
+
 2017-08-31  Alan Modra  <amodra@gmail.com>
 
        * po/SRC-POTFILES.in: Regenerate.
index 22d6d56407febe72669f01905c350657f4b62453..40a187a1a43932ecb1b9d1ea99473ebf6f7dee02 100644 (file)
@@ -566,6 +566,29 @@ read_section (bfd *           abfd,
                                          0, *section_size))
            return FALSE;
        }
+
+      /* Paranoia - if we are reading in a string section, make sure that it
+        is NUL terminated.  This is to prevent string functions from running
+        off the end of the buffer.  Note - knowing the size of the buffer is
+        not enough as some functions, eg strchr, do not have a range limited
+        equivalent.
+
+        FIXME: We ought to use a flag in the dwarf_debug_sections[] table to
+        determine the nature of a debug section, rather than checking the
+        section name as we do here.  */
+      if (*section_size > 0
+         && (*section_buffer)[*section_size - 1] != 0
+         && (strstr (section_name, "_str") || strstr (section_name, "names")))
+       {
+         bfd_byte * new_buffer = malloc (*section_size + 1);
+
+         _bfd_error_handler (_("warning: dwarf string section '%s' is not NUL terminated"),
+                             section_name);
+         memcpy (new_buffer, *section_buffer, *section_size);
+         new_buffer[*section_size] = 0;
+         free (*section_buffer);
+         *section_buffer = new_buffer;
+       }
     }
 
   /* It is possible to get a bad value for the offset into the section
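Review bot: The `malloc (*section_size + 1)` result is passed to `memcpy` and written to without a NULL check, so an allocation failure on a large string section becomes a NULL dereference instead of a clean error. The rest of read_section reports failure by returning FALSE (as the `return FALSE;` after the contents read shows), so the new branch should do the same: `if (new_buffer == NULL)` / `  return FALSE;` right after the allocation, ideally after `bfd_set_error (bfd_error_no_memory)` if that matches how the other allocation paths in this file report it. It would also be more in keeping with the surrounding code to use bfd_malloc here rather than bare malloc, since the buffer being freed and replaced appears to come from the bfd allocator; confirm against the allocation earlier in read_section. A simpler alternative is to allocate `*section_size + 1` bytes up front and always store a terminating 0, which removes the copy, the second allocation and the free entirely. read_section's body begins and ends outside the hunk.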