From: Alan Modra Date: Wed, 9 May 2018 04:26:34 +0000 (+0930) Subject: PR23147, Heap buffer overflow in pe_print_idata X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=53db9cf9fc363fd8ab3a9d97cdcb2ea1f639a243;p=binutils-gdb.git PR23147, Heap buffer overflow in pe_print_idata PR 23147 * peXXigen.c (pe_print_idata): Bound check hint_addr. --- diff --git a/bfd/ChangeLog b/bfd/ChangeLog index e478821a7f8..f158067af59 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,8 @@ +2018-05-09 Alan Modra + + PR 23147 + * peXXigen.c (pe_print_idata): Bound check hint_addr. + 2018-05-08 Nick Clifton PR 22809 diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c index 5e0acc4571d..b32cc18681d 100644 --- a/bfd/peXXigen.c +++ b/bfd/peXXigen.c @@ -1438,7 +1438,7 @@ pe_print_idata (bfd * abfd, void * vfile) if (hint_addr == 0) hint_addr = first_thunk; - if (hint_addr != 0) + if (hint_addr != 0 && hint_addr - adj < datasize) { bfd_byte *ft_data; asection *ft_section;