------- Additional Comments From kkojima at rr dot iij4u dot or dot jp 2006-04-23 23:44 ------- Created an attachment (id=978) --> (http://sourceware.org/bugzilla/attachment.cgi?id=978&action=view) a patch
I can reproduce this on CVS too. bfd/tekhex.c:getsym() doesn't check if the length character is a valid hexadecimal character. hex_value() returns 99 for non hexadecimal characters and getsym uses it as the length to be read. Then it causes a buffer overrun because getsym is called with only 17 bytes buffer. The patch attached seems to fix the given test case anyway, though it'd be better to add more checks. -- http://sourceware.org/bugzilla/show_bug.cgi?id=2584 ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. _______________________________________________ bug-binutils mailing list bug-binutils@gnu.org http://lists.gnu.org/mailman/listinfo/bug-binutils
