Commit: Fix potential buffer overrun in _bfd_XXi_swap_aux_out

Nick Clifton
Tue Mar 16 12:44:35 GMT 2021

Hi Guys,

  A static analyzer we use has thrown up an error in peXXigen.c:

    peXXigen.c:395: buffer_size: You might overrun the 14
    byte destination string "ext->x_file.x_fname" by writing
    the maximum 18 bytes from "in->x_file.x_fname". 

  So I am applying the patch below to fix this problem.


2021-03-16  Nick Clifton  <>

	* peXXigen.c (_bfd_XXi_swap_aux_out): Avoid potential buffer
	overrun by using sizeof of the destination x_fname field as the
	limit for a memcpy.

diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
index 83bbac51af..b3706723c8 100644
--- a/bfd/peXXigen.c
+++ b/bfd/peXXigen.c
@@ -380,7 +380,7 @@ _bfd_XXi_swap_aux_out (bfd *  abfd,
          H_PUT_32 (abfd, in->x_file.x_n.x_offset, ext->x_file.x_n.x_offset);
-       memcpy (ext->x_file.x_fname, in->x_file.x_fname, FILNMLEN);
+       memcpy (ext->x_file.x_fname, in->x_file.x_fname, sizeof (ext->x_file.x_fname));
       return AUXESZ;

More information about the Binutils mailing list