From: Alan Modra Date: Sat, 20 May 2023 11:30:25 +0000 (+0930) Subject: Re: Bug 23686, two segment faults in nm X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=0bbd2b1ad0426aee86445cd7f0c86667624da7ca;p=binutils-gdb.git Re: Bug 23686, two segment faults in nm The fix for pr23686 had a hole in the reloc address sanity check, the calculation could overflow. Note that stabsize is known to be a non-zero multiple of 12 so stabsize - 4 can't underflow. PR 23686 * syms.c (_bfd_stab_section_find_nearest_line): Correct r->address sanity check. --- diff --git a/bfd/syms.c b/bfd/syms.c index 6979096fbc6..d756995d767 100644 --- a/bfd/syms.c +++ b/bfd/syms.c @@ -1106,7 +1106,7 @@ _bfd_stab_section_find_nearest_line (bfd *abfd, || r->howto->pc_relative || r->howto->bitpos != 0 || r->howto->dst_mask != 0xffffffff - || octets + 4 > stabsize) + || octets > stabsize - 4) { _bfd_error_handler (_("unsupported .stab relocation"));