From 7828dfa93b210b6bbc6596e6e096cc150a9f8aa4 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Thu, 17 Nov 2022 07:33:55 +1030
Subject: [PATCH] go32 sanity check

	* coff-stgo32 (go32exe_check_format): Sanity check stubsize against
	filesize before malloc.
---
 bfd/coff-stgo32.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bfd/coff-stgo32.c b/bfd/coff-stgo32.c
index cb0df389375..17271753a7a 100644
--- a/bfd/coff-stgo32.c
+++ b/bfd/coff-stgo32.c
@@ -291,6 +291,10 @@ go32exe_check_format (bfd *abfd)
   if (last_page_size != 0)
     stubsize += last_page_size - 512;
 
+  ufile_ptr filesize = bfd_get_file_size (abfd);
+  if (filesize != 0 && stubsize > filesize)
+    goto fail_format;
+
   /* Save now the stub to be used later.  Put the stub data to a temporary
      location first as tdata still does not exist.  It may not even
      be ever created if we are just checking the file format of ABFD.  */
-- 
2.39.5