+2015-09-03 Nick Clifton <nickc@redhat.com>
+
+ PR binutils/18879
+ * readelf.c (get_unwind_section_word): Check for negative offsets
+ and very small sections.
+ (dump_arm_unwind): Warn if the table offset is too large.
+
2015-08-28 H.J. Lu <hongjiu.lu@intel.com>
* Makefile.am (TOOL_PROGS): Add readelf.
return FALSE;
/* If the offset is invalid then fail. */
- if (word_offset > sec->sh_size - 4)
+ if (word_offset > (sec->sh_size - 4)
+ /* PR 18879 */
+ || (sec->sh_size < 5 && word_offset >= sec->sh_size)
+ || ((bfd_signed_vma) word_offset) < 0)
return FALSE;
/* Get the word at the required offset. */
{
table_sec = section_headers + entry_addr.section;
table_offset = entry_addr.offset;
+ /* PR 18879 */
+ if (table_offset > table_sec->sh_size
+ || ((bfd_signed_vma) table_offset) < 0)
+ {
+ warn (_("Unwind entry contains corrupt offset (0x%lx) into section %s\n"),
+ (unsigned long) table_offset,
+ printable_section_name (table_sec));
+ continue;
+ }
}
else
{
projects / thirdparty / binutils-gdb.git / commitdiff
