| Summary: | integer overflow in parse_die | | |
|---|---|---|---|
| Product: | binutils | Reporter: | skysider <luanjunchao> |
| Component: | binutils | Assignee: | Nick Clifton <nickc> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | jeremip11, nickc |
| Priority: | P2 | | |
| Version: | 2.31 | | |
| Target Milestone: | --- | | |
| Host: | | Target: | |
| Build: | | Last reconfirmed: | 2018-02-27 00:00:00 |
| Attachments: | Proposed patch | | |

Description
skysider
2018-02-26 03:38:43 UTC
Created attachment 10856
Proposed patch
Hi Skysider,
Unfortunately I could not reproduce the failure that you reported,
but I do agree that integer overflow could occur at that point in
the code. So please could you try out this patch and let me know
if it solves the problem for you.
Cheers
Nick

I test it on a 32-bit machine. I wonder if you compile in 32-bit mode, and it seems that it only crashes in 32-bit. The patch works.

The master branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=eef104664efb52965d85a28bc3fc7c77e52e48e2

commit eef104664efb52965d85a28bc3fc7c77e52e48e2
Author: Nick Clifton <nickc@redhat.com>
Date: Wed Feb 28 10:13:54 2018 +0000

Fix potential integer overflow when reading corrupt dwarf1 debug information.

PR 22894
* dwarf1.c (parse_die): Check the length of form blocks before advancing the data pointer.

Patch applied.
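
The kind of check the commit message describes, as an added example that is not the binutils patch or any code from this report: it validates a block length against the bytes remaining before advancing the pointer, and models why an add-then-compare check can accept a corrupt length when addresses are 32 bits wide. The names `skip_block` and `unsafe_check_32bit`, the 4-byte little-endian length prefix, and the sample buffers are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample inputs: a 4-byte little-endian length, then the block. */
static const uint8_t good_buf[] = { 3, 0, 0, 0, 0xAA, 0xBB, 0xCC, 0x11 };
static const uint8_t bad_buf[]  = { 0xF0, 0xFF, 0xFF, 0xFF, 0xAA, 0xBB };

static uint32_t read_u32le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Model of the flawed check with 32-bit addresses: cur + len wraps
   modulo 2^32, so a huge len can still compare as "inside the buffer". */
static int unsafe_check_32bit(uint32_t cur, uint32_t end, uint32_t len)
{
    return (uint32_t)(cur + len) <= end;
}

/* Hypothetical helper: skip one length-prefixed block in [p, end).
   Returns the position after the block, or NULL if it does not fit. */
static const uint8_t *skip_block(const uint8_t *p, const uint8_t *end)
{
    uint32_t len;

    if (p > end || (size_t)(end - p) < 4)
        return NULL;                 /* no room for the length field */
    len = read_u32le(p);
    p += 4;
    if (len > (size_t)(end - p))     /* compare with bytes remaining */
        return NULL;                 /* corrupt length: stop parsing */
    return p + len;                  /* advance only after the check */
}

int main(void)
{
    const uint8_t *g = skip_block(good_buf, good_buf + sizeof good_buf);
    const uint8_t *b = skip_block(bad_buf, bad_buf + sizeof bad_buf);

    printf("good block: advanced %ld bytes\n", g ? (long)(g - good_buf) : -1L);
    printf("corrupt block: %s\n", b ? "accepted" : "rejected");
    printf("wrapped 32-bit check accepts corrupt length: %d\n",
           unsafe_check_32bit(0xFFFF0000u, 0xFFFF0100u, 0xFFFFFFF0u));
    return 0;
}
```

On a 64-bit build the same corrupt length added to a pointer usually does not wrap, which is consistent with a failure that shows up only on 32-bit hosts; comparing the length with `end - p` is correct at either width.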