From: Nick Clifton Date: Mon, 5 Aug 2019 09:40:35 +0000 (+0100) Subject: Catch potential integer overflow in readelf when processing corrupt binaries. X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=e17869db99195849826eaaf5d2d0eb2cfdd7a2a7;p=binutils-gdb.git Catch potential integer overflow in readelf when processing corrupt binaries. PR 24829 * readelf.c (apply_relocations): Catch potential integer overflow whilst checking reloc location against section size. --- diff --git a/binutils/ChangeLog b/binutils/ChangeLog index f3dc48c85df..22a7828d9c9 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog @@ -1,3 +1,9 @@ +2019-08-05 Nick Clifton + + PR 24829 + * readelf.c (apply_relocations): Catch potential integer overflow + whilst checking reloc location against section size. + 2019-08-02 Alan Modra PR 24871 diff --git a/binutils/readelf.c b/binutils/readelf.c index b896ad9f406..e785fde43e7 100644 --- a/binutils/readelf.c +++ b/binutils/readelf.c @@ -13366,7 +13366,7 @@ apply_relocations (Filedata * filedata, } rloc = start + rp->r_offset; - if ((rloc + reloc_size) > end || (rloc < start)) + if (rloc >= end || (rloc + reloc_size) > end || (rloc < start)) { warn (_("skipping invalid relocation offset 0x%lx in section %s\n"), (unsigned long) rp->r_offset,