From: Alan Modra
Date: Thu, 27 Oct 2022 05:31:17 +0000 (+1030)
Subject: Fuzzed files in archives
X-Git-Tag: gdb-13-branchpoint~702
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ffbe89531c2e;p=thirdparty%2Fbinutils-gdb.git

Fuzzed files in archives

Given a fuzzed object file in an archive with section size exceeding file size, objcopy will report an error like "section size (0xfeffffff bytes) is larger than file size (0x17a bytes)" but will create a copy of the object laid out for the large section. That means a large temporary file on disk that is read back and written to the output archive, which can take a while. The output archive is then deleted due to the error. Avoid some of this silliness.

	* objcopy.c (copy_section): If section contents cannot be read set output section size to zero.
---
diff --git a/binutils/objcopy.c b/binutils/objcopy.c index 6ffbdf9c681..d20aaef9f4f 100644 --- a/binutils/objcopy.c +++ b/binutils/objcopy.c @@ -4418,6 +4418,7 @@ copy_section (bfd *ibfd, sec_ptr isection, void *obfdarg) || !bfd_convert_section_contents (ibfd, isection, obfd, &memhunk, &size)) { + bfd_set_section_size (osection, 0); status = 1; bfd_nonfatal_message (NULL, ibfd, isection, NULL); free (memhunk);
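Review bot: The added `bfd_set_section_size (osection, 0);` in the failure branch of copy_section deserves a one-line comment explaining why the output section is deliberately zeroed, since a later reader could mistake a zero-sized output section for intended behaviour rather than a guard against laying out (and writing to a temporary file) a section whose contents could not be obtained; something like `/* Don't lay out the output for contents we couldn't read.  */` above the call would do. The surrounding context also shows this branch is reached when `bfd_convert_section_contents` fails, not only when the contents cannot be read, so the ChangeLog entry ("If section contents cannot be read") would be more accurate as "If section contents cannot be read or converted". Note that correctness still rests on `status = 1` on the next line causing the overall copy to be reported as failed and the output discarded; the zeroed size only reduces the work done before that happens.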