From: Nick Clifton <nickc@redhat.com>
Date: Fri, 17 Feb 2017 11:39:20 +0000 (+0000)
Subject: Fix potential illegal memory access in ZLIB because of an erroneous declaration of... 
X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=6438d1be9e9b6802a465c70c76b9cec7e23270f3;p=binutils-gdb.git

Fix potential illegal memory access in ZLIB because of an erroneous declaration of the size of the input buffer.

	* compress.c (bfd_get_full_section_contents): Remember to reduce
	compressed size by the sizeof the compression header when
	decompressing the contents.
---

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index be8bd680b07..3f3adc0e9f3 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2017-02-17  Nick Clifton  <nickc@redhat.com>
+
+	* compress.c (bfd_get_full_section_contents): Remember to reduce
+	compressed size by the sizeof the compression header when
+	decompressing the contents.
+
 2017-02-17  Pedro Alves  <palves@redhat.com>
 
 	* srec.c (Chunk): Rename to ...
diff --git a/bfd/compress.c b/bfd/compress.c
index 1ed7d74bf89..f881c074b85 100644
--- a/bfd/compress.c
+++ b/bfd/compress.c
@@ -300,7 +300,7 @@ bfd_get_full_section_contents (bfd *abfd, sec_ptr sec, bfd_byte **ptr)
 	   SHF_COMPRESSED section.  */
 	compression_header_size = 12;
       if (!decompress_contents (compressed_buffer + compression_header_size,
-				sec->compressed_size, p, sz))
+				sec->compressed_size - compression_header_size, p, sz))
 	{
 	  bfd_set_error (bfd_error_bad_value);
 	  if (p != *ptr)