From: Nick Clifton Date: Wed, 1 Nov 2017 12:37:33 +0000 (+0000) Subject: Update check for invalid values in pe_bfd_read_buildid function. X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=e0115a844607b280449986e661f551dff49a9031;p=binutils-gdb.git Update check for invalid values in pe_bfd_read_buildid function. PR 22373 * peicode.h (pe_bfd_read_buildid): Revise check for invalid size and offset in light of further possible bogus values. --- diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 662ef44cc60..60fbc9c8e48 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,9 @@ +2017-11-01 Nick Clifton + + PR 22373 + * peicode.h (pe_bfd_read_buildid): Revise check for invalid size + and offset in light of further possible bogus values. + 2017-11-01 Alan Modra PR 22374 diff --git a/bfd/peicode.h b/bfd/peicode.h index f3b759cce88..e5cacbd2c10 100644 --- a/bfd/peicode.h +++ b/bfd/peicode.h @@ -1329,9 +1329,8 @@ pe_bfd_read_buildid (bfd *abfd) /* PR 20605 and 22373: Make sure that the data is really there. Note - since we are dealing with unsigned quantities we have to be careful to check for potential overflows. */ - if (dataoff > section->size - || size > section->size - || dataoff + size > section->size) + if (dataoff >= section->size + || size > section->size - dataoff) { _bfd_error_handler (_("%B: Error: Debug Data ends beyond end of debug directory."), abfd);