From 4aeb00ad3cc6a29b32f0a4e42c2f64d55e25b76d Mon Sep 17 00:00:00 2001
From: Nick Clifton
Date: Mon, 13 Feb 2017 14:35:24 +0000
Subject: [PATCH] Fix check for buffer overflow when processing version information.

PR binutils/21148
* readelf.c (process_version_sections): Include size of auxillary
version information when checking for buffer overflow.
---
 binutils/ChangeLog | 6 ++++++
 binutils/readelf.c | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index f099467d3fd..ebaedccf7cb 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,9 @@
+2017-02-13 Nick Clifton
+
+ PR binutils/21148
+ * readelf.c (process_version_sections): Include size of auxillary
+ version information when checking for buffer overflow.
+
 2017-02-13 Nick Clifton

 PR binutils/21147
diff --git a/binutils/readelf.c b/binutils/readelf.c
index 6fd7ff7a1e6..a61befef3fb 100644
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -10019,7 +10019,7 @@ process_version_sections (FILE * file)
 ent.vd_ndx, ent.vd_cnt);

 /* Check for overflow. */
- if (ent.vd_aux > (size_t) (endbuf - vstart))
+ if (ent.vd_aux + sizeof (* eaux) > (size_t) (endbuf - vstart))
 break;

 vstart += ent.vd_aux;
--
2.30.2
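Review bot: In the readelf.c hunk the new bound `ent.vd_aux + sizeof (* eaux) > (size_t) (endbuf - vstart)` adds before it compares, so if `ent.vd_aux` is taken from the file and its type is no wider than `size_t` (its declaration is outside this hunk), a value near the type's maximum could wrap and pass the check just before `vstart += ent.vd_aux`. A subtraction form cannot wrap: `if (ent.vd_aux > (size_t) (endbuf - vstart) || sizeof (* eaux) > (size_t) (endbuf - vstart) - ent.vd_aux) break;`. The comment could also name what is guarded, for example `/* Stop if the first aux entry would extend past the end of the section data. */`. process_version_sections starts and ends outside the hunk, so whether `endbuf >= vstart` always holds at this point cannot be confirmed from here.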