Attachment #11424 for bug #23942

View | Details | Raw Unified | Return to bug 23942
Collapse All | Expand All

Lines 1-3 Link Here

(-)a/bfd/ChangeLog (+5 lines)
		1	2018-11-30 Nick Clifton <nickc@redhat.com>
		2
		3	* elfcode.h (elf_object_p): Check for corrupt input files with
		4	more program headers than can actually fit in the file.
		5
1	2018-11-30 Nick Clifton <nickc@redhat.com>	6	2018-11-30 Nick Clifton <nickc@redhat.com>
2		7
3	PR 23932	8	PR 23932

Lines 784-789 elf_object_p (bfd *abfd) Link Here

(-)a/bfd/elfcode.h (-1 / +5 lines)
784	if (i_ehdrp->e_phnum > ((bfd_size_type) -1) / sizeof (*i_phdr))	784	if (i_ehdrp->e_phnum > ((bfd_size_type) -1) / sizeof (*i_phdr))
785	goto got_wrong_format_error;	785	goto got_wrong_format_error;
786	#endif	786	#endif
		787	/* Check for a corrupt input file with an impossibly large number
		788	of program headers. */
		789	if (bfd_get_file_size (abfd) > 0
		790	&& i_ehdrp->e_phnum > bfd_get_file_size (abfd))
		791	goto got_no_match;
787	amt = (bfd_size_type) i_ehdrp->e_phnum * sizeof (*i_phdr);	792	amt = (bfd_size_type) i_ehdrp->e_phnum * sizeof (*i_phdr);
788	elf_tdata (abfd)->phdr = (Elf_Internal_Phdr *) bfd_alloc (abfd, amt);	793	elf_tdata (abfd)->phdr = (Elf_Internal_Phdr *) bfd_alloc (abfd, amt);
789	if (elf_tdata (abfd)->phdr == NULL)	794	if (elf_tdata (abfd)->phdr == NULL)
790	-

Return to bug 23942