1 Star 0 Fork 26

gaochang/binutils

forked from src-anolis-os/binutils 
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
binutils-CVE-2021-3487.patch 1.22 KB
一键复制 编辑 原始数据 按行查看 历史
Renbo 提交于 2021-11-29 15:14 . update to binutils-2.30-108.el8_5.1
--- binutils.orig/bfd/dwarf2.c 2021-04-14 14:24:18.945917267 +0100
+++ binutils-2.30/bfd/dwarf2.c 2021-04-14 14:25:51.908614106 +0100
@@ -532,6 +532,10 @@ read_section (bfd * abfd,
/* The section may have already been read. */
if (contents == NULL)
{
+ bfd_size_type amt;
+ asection *msec;
+ ufile_ptr filesize;
+
msec = bfd_get_section_by_name (abfd, section_name);
if (! msec)
{
@@ -547,10 +551,22 @@ read_section (bfd * abfd,
return FALSE;
}
- *section_size = msec->rawsize ? msec->rawsize : msec->size;
+ amt = bfd_get_section_limit_octets (abfd, msec);
+ filesize = bfd_get_file_size (abfd);
+ if (amt >= filesize)
+ {
+ /* PR 26946 */
+ _bfd_error_handler (_("DWARF error: section %s is larger than its filesize! (0x%lx vs 0x%lx)"),
+ section_name, (long) amt, (long) filesize);
+ bfd_set_error (bfd_error_bad_value);
+ return FALSE;
+ }
+ *section_size = amt;
+
/* Paranoia - alloc one extra so that we can make sure a string
section is NUL terminated. */
- amt = *section_size + 1;
+ amt += 1;
+
if (amt == 0)
{
bfd_set_error (bfd_error_no_memory);
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/gcdota930915/binutils.git
git@gitee.com:gcdota930915/binutils.git
gcdota930915
binutils
binutils
a8

搜索帮助