From: Alan Modra <amodra@gmail.com>
Date: Sun, 1 Jun 2025 03:37:58 +0000 (+0930)
Subject: decompress_contents: fuss over 32-bit long
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=738767bc853adeb1f9f75e1bf2618b5e739b2d21;p=thirdparty%2Fbinutils-gdb.git

decompress_contents: fuss over 32-bit long

Some 64-bit compilers have a 32-bit long, which could result in an
endless loop if uncompressed_size is larger than 4G.
---

diff --git a/bfd/compress.c b/bfd/compress.c
index b693204a3ea..4f92455dbd6 100644
--- a/bfd/compress.c
+++ b/bfd/compress.c
@@ -521,8 +521,10 @@ decompress_contents (bool is_zstd, bfd_byte *compressed_buffer,
      buffers concatenated together, so we uncompress in a loop.  */
   do
     {
-      uLongf dst_len = uncompressed_size;
-      uLong src_len = compressed_size;
+      uLongf dst_len = (uncompressed_size > ULONG_MAX ? ULONG_MAX
+			: uncompressed_size);
+      uLong src_len = (compressed_size > ULONG_MAX ? ULONG_MAX
+		       : compressed_size);
       int rc = uncompress2 ((Bytef *) uncompressed_buffer, &dst_len,
 			    (Bytef *) compressed_buffer, &src_len);
       if (rc != Z_OK)