[Patch]: do not allow to read past the end of an archive member
Tue Jun 8 14:14:00 GMT 2010
the bfd_bread() code to prevent from reading past of an archive member is buggy: it worked only
if the current position is the start of the member. This patch fixes this issue.
Ok to commit ?
(no regressions on i386 gnu/linux)
2010-06-08 Tristan Gingold <firstname.lastname@example.org>
* bfdio.c (bfd_bread): Fix the code to prevent reading past the
end of archive members.
@@ -180,8 +180,12 @@ bfd_bread (void *ptr, bfd_size_type size, bfd *abfd)
if (abfd->arelt_data != NULL)
size_t maxbytes = ((struct areltdata *) abfd->arelt_data)->parsed_size;
- if (size > maxbytes)
- size = maxbytes;
+ if (abfd->where + size > maxbytes)
+ if (abfd->where >= maxbytes)
+ return 0;
+ size = maxbytes - abfd->where;
More information about the Binutils