From ebe8b99135d0de280c4094b0affdb4b5a6d2835b Mon Sep 17 00:00:00 2001 From: Jakub Jelinek Date: Fri, 5 Jan 2007 10:12:25 +0000 Subject: [PATCH] * texhex.c (first_phase): Don't fall through into the default case. (pass_over): Replace abort () calls with return FALSE. Fix buffer overflow. --- bfd/ChangeLog | 7 +++++++ bfd/tekhex.c | 16 +++++++++------- 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/bfd/ChangeLog b/bfd/ChangeLog index c2101cabd44..e341c1f3673 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,10 @@ +2007-01-05 Jakub Jelinek + + * texhex.c (first_phase): Don't fall through into the default + case. + (pass_over): Replace abort () calls with return FALSE. Fix + buffer overflow. + 2007-01-04 Jie Zhang * elf-eh-frame.c (_bfd_elf_discard_section_eh_frame): Don't set diff --git a/bfd/tekhex.c b/bfd/tekhex.c index fffedad958b..c0ad1eeeda7 100644 --- a/bfd/tekhex.c +++ b/bfd/tekhex.c @@ -436,6 +436,7 @@ first_phase (bfd *abfd, int type, char *src) if (!getvalue (&src, &val)) return FALSE; new->symbol.value = val - section->vma; + break; } default: return FALSE; @@ -457,11 +458,10 @@ pass_over (bfd *abfd, bfd_boolean (*func) (bfd *, int, char *)) /* To the front of the file. */ if (bfd_seek (abfd, (file_ptr) 0, SEEK_SET) != 0) - abort (); + return FALSE; while (! eof) { - char buffer[MAXCHUNK]; - char *src = buffer; + char src[MAXCHUNK]; char type; /* Find first '%'. */ @@ -471,22 +471,24 @@ pass_over (bfd *abfd, bfd_boolean (*func) (bfd *, int, char *)) if (eof) break; - src++; /* Fetch the type and the length and the checksum. */ if (bfd_bread (src, (bfd_size_type) 5, abfd) != 5) - abort (); /* FIXME. */ + return FALSE; type = src[2]; if (!ISHEX (src[0]) || !ISHEX (src[1])) break; - /* Already read five char. */ + /* Already read five chars. */ chars_on_line = HEX (src) - 5; + if (chars_on_line >= MAXCHUNK) + return FALSE; + if (bfd_bread (src, (bfd_size_type) chars_on_line, abfd) != chars_on_line) - abort (); /* FIXME. */ + return FALSE; /* Put a null at the end. */ src[chars_on_line] = 0; -- 2.30.2