From: Nick Clifton <nickc@redhat.com>
Date: Tue, 16 Mar 2021 12:44:50 +0000 (+0000)
Subject: Fix a potential buffer overrun qwhen writing out PE aux entries.
X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=012d44268695f1c5d4e2e019c610c8b99bd7e553;p=binutils-gdb.git

Fix a potential buffer overrun qwhen writing out PE aux entries.

	* peXXigen.c (_bfd_XXi_swap_aux_out): Avoid potential buffer
	overrun by using sizeof of the destination x_fname field as the
	limit for a memcpy.

	* coff/internal.h (struct internal_auxent): Fix a couple of typos
	in comment describing the x_fname field.
---

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 70203b1254f..2bea06278b8 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2021-03-16  Nick Clifton  <nickc@redhat.com>
+
+	* peXXigen.c (_bfd_XXi_swap_aux_out): Avoid potential buffer
+	overrun by using sizeof of the destination x_fname field as the
+	limit for a memcpy.
+
 2021-03-16  Kuan-Lin Chen  <kuanlinchentw@gmail.com>
 
 	* elfxx-riscv.c (riscv_std_z_ext_strtab): Add zba, zbb and zbc.
diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
index 83bbac51af7..b3706723c83 100644
--- a/bfd/peXXigen.c
+++ b/bfd/peXXigen.c
@@ -380,7 +380,7 @@ _bfd_XXi_swap_aux_out (bfd *  abfd,
 	  H_PUT_32 (abfd, in->x_file.x_n.x_offset, ext->x_file.x_n.x_offset);
 	}
       else
-	memcpy (ext->x_file.x_fname, in->x_file.x_fname, FILNMLEN);
+	memcpy (ext->x_file.x_fname, in->x_file.x_fname, sizeof (ext->x_file.x_fname));
 
       return AUXESZ;
 
diff --git a/include/ChangeLog b/include/ChangeLog
index 9712268bae4..5ea252c9efc 100644
--- a/include/ChangeLog
+++ b/include/ChangeLog
@@ -1,3 +1,8 @@
+2021-03-16  Nick Clifton  <nickc@redhat.com>
+
+	* coff/internal.h (struct internal_auxent): Fix a couple of typos
+	in comment describing the x_fname field.
+
 2021-03-16  Kuan-Lin Chen  <kuanlinchentw@gmail.com>
 
 	* opcode/riscv-opc.h: Support zba, zbb and zbc extensions.
diff --git a/include/coff/internal.h b/include/coff/internal.h
index 1b5b45c2266..90c901d2987 100644
--- a/include/coff/internal.h
+++ b/include/coff/internal.h
@@ -580,8 +580,8 @@ union internal_auxent
   union
   {
     /* PR 17754: We use to FILNMLEN for the size of the x_fname
-       array, but that cause problems as PE targets use a larger
-       value.  We cannot use their definition of EFILNMLEN as this
+       array, but that causes problems as PE targets use a larger
+       value.  We cannot use their definition of E_FILNMLEN as this
        header can be used without including any PE headers.  */
     char x_fname[20];
     struct