From: H.J. Lu Date: Tue, 6 Dec 2022 20:54:43 +0000 (-0800) Subject: bfd: Avoid signed overflow for new_size adjustment X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=e25466730d436937e814f80b69e5d124513fff03;p=binutils-gdb.git bfd: Avoid signed overflow for new_size adjustment When bfd_size_type is unsigned 64-bit integer and sizeof is unsigned 32-bit integer, subtraction in *new_size += sizeof (Elf32_External_Chdr) - sizeof (Elf64_External_Chdr); will overflow. Use *new_size -= sizeof (Elf64_External_Chdr) - sizeof (Elf32_External_Chdr); to avoid overflow. PR binutils/29860 * compress.c (bfd_convert_section_setup): Avoid signed overflow for new_size adjustment. --- diff --git a/bfd/compress.c b/bfd/compress.c index bb55a6ec0ac..5ea7cd95f3a 100644 --- a/bfd/compress.c +++ b/bfd/compress.c @@ -306,7 +306,7 @@ bfd_convert_section_setup (bfd *ibfd, asection *isec, bfd *obfd, if (hdr_size == sizeof (Elf32_External_Chdr)) *new_size += sizeof (Elf64_External_Chdr) - sizeof (Elf32_External_Chdr); else - *new_size += sizeof (Elf32_External_Chdr) - sizeof (Elf64_External_Chdr); + *new_size -= sizeof (Elf64_External_Chdr) - sizeof (Elf32_External_Chdr); return true; }