http://sourceware.org/bugzilla/show_bug.cgi?id=15140
H.J. Lu <hjl.tools at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|FIXED                       |

--- Comment #7 from H.J. Lu <hjl.tools at gmail dot com> 2013-02-15 17:22:47 UTC ---
This patch:

@@ -619,6 +617,7 @@ _bfd_append_relative_path (bfd *arch, char *elt_name) bfd * _bfd_get_elt_at_filepos (bfd *archive, file_ptr filepos) { + static file_ptr prev_filepos; struct areltdata *new_areldata; bfd *n_nfd; char *filename; @@ -626,6 +625,12 @@ _bfd_get_elt_at_filepos (bfd *archive, file_ptr filepos) n_nfd = _bfd_look_for_bfd_in_cache (archive, filepos); if (n_nfd) return n_nfd; + /* PR15140: Prevent an inifnite recursion scanning a malformed nested archive. */ + if (filepos == prev_filepos) + { + bfd_set_error (bfd_error_malformed_archive); + return NULL; + } if (0 > bfd_seek (archive, filepos, SEEK_SET)) return NULL; @@ -634,6 +639,7 @@ _bfd_get_elt_at_filepos (bfd *archive, file_ptr filepos) return NULL; filename = new_areldata->filename; + prev_filepos = filepos; if (bfd_is_thin_archive (archive)) {

has 2 problems:

1. It sets prev_filepos on success. The next call on the same filepos returns NULL.
2. It checks prev_filepos without checking if archive is the same.

It caused PR 15151.
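
Review bot: In the first hunk, `static file_ptr prev_filepos;` is a single function-level variable shared by every archive passed to `_bfd_get_elt_at_filepos`, and as a static it starts at 0 and keeps its last value between unrelated calls. State for a recursion guard should live with the archive being scanned, or be passed down the recursive call, so that it cannot carry over from one archive or one top-level call into another.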
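
Review bot: In the second hunk, the test `if (filepos == prev_filepos)` compares the offset only, so a request for the same offset in a different `archive` is reported as `bfd_error_malformed_archive`. The condition should also establish that the archive is the same one and that a lookup at that offset is still in progress. The added comment misspells "infinite" as "inifnite".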
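
Review bot: In the third hunk, `prev_filepos = filepos;` is assigned after `filename = new_areldata->filename;` and none of the visible lines clears it again, so the value outlives the call and a later, non-recursive request for the same offset that misses the cache takes the new `return NULL` path. Set the marker only around the code that can recurse and restore the previous value before every return.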
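
The two problems listed in comment #7, reproduced in a small C model next to a guard that is scoped to the archive and to the call in progress. This is an added example, not BFD code and not the fix binutils adopted. `toy_archive`, `get_elt_flawed`, `get_elt_scoped`, `check` and the `in_progress` marker are hypothetical, the offsets are constructed, and the element cache that precedes the check in the real function is not modeled.

```c
#include <stdio.h>

/* Toy model: hypothetical names, not BFD types and not the adopted fix. */
typedef long file_pos;
struct toy_archive {
    file_pos self_ref_at;  /* offset of an element that nests itself, or -1 */
    file_pos in_progress;  /* offset being opened right now, or -1 */
};
typedef void *(*getter)(struct toy_archive *, file_pos);
static int element;        /* stands in for a successfully opened element */

/* Guard shaped like the patch: one function-level static, set on success. */
void *get_elt_flawed(struct toy_archive *a, file_pos pos)
{
    static file_pos prev_pos;          /* shared by all archives */
    if (pos == prev_pos)
        return NULL;                   /* reported as a malformed archive */
    prev_pos = pos;                    /* never cleared afterwards */
    return a->self_ref_at == pos ? get_elt_flawed(a, pos) : (void *)&element;
}

/* Assumed alternative: per-archive marker that is live only during the call. */
void *get_elt_scoped(struct toy_archive *a, file_pos pos)
{
    if (a->in_progress == pos)
        return NULL;                   /* genuine self-recursion */
    file_pos saved = a->in_progress;
    a->in_progress = pos;
    void *elt = a->self_ref_at == pos ? get_elt_scoped(a, pos) : (void *)&element;
    a->in_progress = saved;            /* guard ends with the call */
    return elt;
}

/* Bit 0: repeated offset still opens (problem 1); bit 1: same offset in
   another archive still opens (problem 2); bit 2: self-reference rejected. */
int check(getter get)
{
    struct toy_archive a = { -1, -1 }, b = { -1, -1 }, bad = { 24, -1 };
    int repeat = get(&a, 8) != NULL && get(&a, 8) != NULL;
    int other = get(&a, 16) != NULL && get(&b, 16) != NULL;
    int self = get(&bad, 24) == NULL;
    return repeat | (other << 1) | (self << 2);
}

int main(void)
{
    printf("flawed=%d scoped=%d\n", check(get_elt_flawed), check(get_elt_scoped));
    return 0;
}
```

Both guards stop the self-referencing element, but only the scoped one leaves well-formed lookups working.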