[Bug binutils/17512] segfault in PE parser / _bfd_pei_swap_aouthdr_in

Tue, 09 Dec 2014 04:44:42 -0800 

https://sourceware.org/bugzilla/show_bug.cgi?id=17512

--- Comment #123 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot 
gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "gdb and binutils".

The branch, master has been updated
       via  f64e188b58f4aab4cbd03aa6e9fc1aa602546e26 (commit)
      from  137d1369ac054744d27f19e95aa8a739e6c0068d (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f64e188b58f4aab4cbd03aa6e9fc1aa602546e26

commit f64e188b58f4aab4cbd03aa6e9fc1aa602546e26
Author: Nick Clifton <ni...@redhat.com>
Date:   Tue Dec 9 12:42:18 2014 +0000

    More fixes for memory access violations triggered by fuzzed binaries.

        PR binutils/17512
        * objdump.c (display_any_bfd): Avoid infinite loop closing and
        opening the same archive again and again.

        * archive64.c (bfd_elf64_archive_slurp_armap): Add range checks.
        * libbfd.c (safe_read_leb128): New function.
        * libbfd-in.h (safe_read_leb128): Add prototype.
        * libbfd.h: Regenerate.
        * elf-attrs.c (_bfd_elf_parse_attributes): Use safe_read_leb128.
        Check for an over-long subsection length.
        * elf.c (elf_parse_notes): Check that the namedata is long enough
        for the string comparison that is about to be performed.
        (elf_read_notes): Zero-terminate the note buffer.

-----------------------------------------------------------------------

Summary of changes:
 bfd/ChangeLog      |   13 ++++++++++++
 bfd/archive64.c    |   11 +++++++++-
 bfd/elf-attrs.c    |   15 ++++++++-----
 bfd/elf.c          |   53 ++++++++++++++++++++++++++++-----------------------
 bfd/libbfd-in.h    |    2 +
 bfd/libbfd.c       |   39 ++++++++++++++++++++++++++++++++++++++
 bfd/libbfd.h       |    2 +
 binutils/ChangeLog |    6 +++++
 binutils/objdump.c |   10 ++++++++-
 9 files changed, 119 insertions(+), 32 deletions(-)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

_______________________________________________
bug-binutils mailing list
bug-binutils@gnu.org
https://lists.gnu.org/mailman/listinfo/bug-binutils

Reply via email to