https://sourceware.org/bugzilla/show_bug.cgi?id=27295
--- Comment #2 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> --- The master branch has been updated by Alan Modra <amo...@sourceware.org>: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1cfcf3004e1830f8fe9112cfcd15285508d2c2b7 commit 1cfcf3004e1830f8fe9112cfcd15285508d2c2b7 Author: Alan Modra <amo...@gmail.com> Date: Thu Feb 11 16:56:42 2021 +1030 PR27290, PR27293, PR27295, various avr objdump fixes Adds missing sanity checks for avr device info note, to avoid potential buffer overflows. Uses bfd_malloc_and_get_section for sanity checking section size. PR 27290 PR 27293 PR 27295 * od-elf32_avr.c (elf32_avr_get_note_section_contents): Formatting. Use bfd_malloc_and_get_section. (elf32_avr_get_note_desc): Formatting. Return descsz. Sanity check namesz. Return NULL if descsz is too small. Ensure string table is terminated. (elf32_avr_get_device_info): Formatting. Add note_size param. Sanity check note. (elf32_avr_dump_mem_usage): Adjust to suit. -- You are receiving this mail because: You are on the CC list for the bug.
