]> git.ipfire.org Git - thirdparty/binutils-gdb.git/blobdiff - bfd/elf.c
projects / thirdparty / binutils-gdb.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Avoid allocating over-large buffers when parsing corrupt binaries.
[thirdparty/binutils-gdb.git] / bfd / elf.c
diff --git a/bfd/elf.c b/bfd/elf.c
index 9c4dcdf452d1ab43c89d38b082214d0f694d3894..7cc0ce1fa6b8030d7b386da341270b3ecd5bceef 100644 (file)
--- a/bfd/elf.c
+++ b/bfd/elf.c
@@ -294,6 +294,11 @@ bfd_elf_get_str_section (bfd *abfd, unsigned int shindex)
       offset = i_shdrp[shindex]->sh_offset;
       shstrtabsize = i_shdrp[shindex]->sh_size;
 
+      /* PR binutils/17512: Do not even try to load
+        a string table bigger than the entire file...  */
+      if (shstrtabsize >= (bfd_size_type) bfd_get_size (abfd))
+       return NULL;
+
       /* Allocate and clear an extra byte at the end, to prevent crashes
         in case the string table is not terminated.  */
       if (shstrtabsize + 1 <= 1
A mirror of the official binutils-gdb repository