pr21665
Nick Clifton
nickc@redhat.com
Fri Jun 30 14:54:00 GMT 2017
Hi Alan,
> I haven't looked at the bug in detail, but since the testcases are
> 64-bit, is the problem that on a 32-bit target we're not catching a
> size_t overflow?
No - the problem is that the testcase has a pathological .init section:
% readelf --wide -S POC2
...
[11] .init PROGBITS 0000000000401ab0 001ab0 800000001a 00 AX 0 0 4
...
Note the size - 0x800000001a - this is too much for xmalloc() to handle
(at least on my system), and it triggers an error report if run with
address sanitization enabled.
I do not think that we have to worry about overflow since datasize's type
is bfd_size_type, which is always going to be at least an unsigned long,
right?
Cheers
Nick
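As an added illustration (not code from this thread or from binutils), a C check of the kind a reader can apply to a section header before allocating for its contents: it takes the .init offset and size from the readelf output above plus a constructed file size, and rejects the header because the section range cannot lie inside the file.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Added example, not binutils code.  A section whose
   [sh_offset, sh_offset + sh_size) does not lie inside the file is
   pathological; allocating sh_size bytes for it is pointless and, for a
   size like the one in the report, fails or trips the sanitizer.  */

/* Returns true if the section's bytes lie entirely within a file of
   file_size bytes.  Written so that sh_offset + sh_size cannot wrap.  */
static bool
section_fits_in_file (uint64_t sh_offset, uint64_t sh_size, uint64_t file_size)
{
  if (sh_offset > file_size)
    return false;
  /* Same as sh_offset + sh_size <= file_size, without the overflow.  */
  return sh_size <= file_size - sh_offset;
}

/* Returns true when a 64-bit size can be handed to a size_t allocator
   on this platform without truncation (always true on LP64, not on
   ILP32).  This is the 32-bit concern raised in the quoted question.  */
static bool
size_fits_size_t (uint64_t n)
{
  return n <= (uint64_t) SIZE_MAX;
}

int
main (void)
{
  /* Offset and size are the .init values from the readelf output above;
     the file length is constructed (a few KiB, as for a small PoC).  */
  const uint64_t file_size = 0x3000;
  const uint64_t init_off = 0x1ab0;
  const uint64_t init_size = 0x800000001aULL;

  printf ("pathological .init fits in file: %s\n",
          section_fits_in_file (init_off, init_size, file_size) ? "yes" : "no");
  printf ("0x100-byte section fits in file: %s\n",
          section_fits_in_file (init_off, 0x100, file_size) ? "yes" : "no");
  printf ("sh_size fits in size_t here:     %s\n",
          size_fits_size_t (init_size) ? "yes" : "no");
  return 0;
}
```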