From 03997556dae335abff76e00a41d1459e4bfa6ed1 Mon Sep 17 00:00:00 2001 From: Nick Clifton Date: Mon, 18 Jun 2007 16:02:45 +0000 Subject: [PATCH] * resres.c (probe_binary): Fix test for badly formatted headers. --- binutils/ChangeLog | 4 ++++ binutils/resres.c | 17 +++++++++++------ 2 files changed, 15 insertions(+), 6 deletions(-) diff --git a/binutils/ChangeLog b/binutils/ChangeLog index 1d9a542b348..f65bebba712 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog @@ -1,3 +1,7 @@ +2007-06-18 Thomas Weidenmueller + + * resres.c (probe_binary): Fix test for badly formatted headers. + 2007-06-18 Kai Tietz * rclex.c: (cpp_line): Add code_page pragma support. diff --git a/binutils/resres.c b/binutils/resres.c index 8b75bcf5942..f345da3e5de 100644 --- a/binutils/resres.c +++ b/binutils/resres.c @@ -554,10 +554,12 @@ read_unistring (windres_bfd *wrbfd, rc_uint_type *off, rc_uint_type omax, rc_uint_type l; rc_uint_type soff = off[0]; - do { - read_res_data (wrbfd, &soff, omax, d, sizeof (unichar)); - c = windres_get_16 (wrbfd, d, 2); - } while (c != 0); + do + { + read_res_data (wrbfd, &soff, omax, d, sizeof (unichar)); + c = windres_get_16 (wrbfd, d, 2); + } + while (c != 0); l = ((soff - off[0]) / sizeof (unichar)); /* there are hardly any names longer than 256 characters, but anyway. */ @@ -592,8 +594,11 @@ probe_binary (windres_bfd *wrbfd, rc_uint_type omax) if ((off + BIN_RES_HDR_SIZE) >= omax) return 1; read_res_data_hdr (wrbfd, &off, omax, &reshdr); - if ((off + reshdr.data_size + reshdr.header_size) > omax) - return 0; + /* off is advanced by BIN_RES_HDR_SIZE in read_res_data_hdr() + which is part of reshdr.header_size. We shouldn't take it + into account twice. */ + if ((off - BIN_RES_HDR_SIZE + reshdr.data_size + reshdr.header_size) > omax) + return 0; return 1; } -- 2.30.2