[prev in list] [next in list] [prev in thread] [next in thread]
List: binutils-cvs
Subject: [binutils-gdb] PR28753, buffer overflow in read_section_stabs_debugging_info
From: Alan Modra via Binutils-cvs <binutils-cvs () sourceware ! org>
Date: 2022-01-28 6:32:17
Message-ID: 20220128063217.6FC593858D1E () sourceware ! org
[Download RAW message or body]
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=085b299b71721e15f5c5c5344dc3e4e4536dadba
commit 085b299b71721e15f5c5c5344dc3e4e4536dadba
Author: Alan Modra <amodra@gmail.com>
Date: Thu Jan 20 13:58:38 2022 +1030
PR28753, buffer overflow in read_section_stabs_debugging_info
PR 28753
* rddbg.c (read_section_stabs_debugging_info): Don't read past
end of section when concatentating stab strings.
Diff:
---
binutils/rddbg.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/binutils/rddbg.c b/binutils/rddbg.c
index 42605b83d1a..169c52f4983 100644
--- a/binutils/rddbg.c
+++ b/binutils/rddbg.c
@@ -210,7 +210,7 @@ read_section_stabs_debugging_info (bfd *abfd, asymbol **syms, long symcount,
an attempt to read the byte before 'strings' would occur. */
while ((len = strlen (s)) > 0
&& s[len - 1] == '\\'
- && stab + 12 < stabs + stabsize)
+ && stab + 16 <= stabs + stabsize)
{
char *p;
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic