PR23147, Heap buffer overflow in pe_print_idata

Message ID 20180509044949.GD28782@bubble.grove.modra.org
State New
Headers show
Series
  • PR23147, Heap buffer overflow in pe_print_idata
Related show

Commit Message

Alan Modra May 9, 2018, 4:49 a.m.
PR 23147
	* peXXigen.c (pe_print_idata): Bound check hint_addr.


-- 
Alan Modra
Australia Development Lab, IBM

Patch

diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
index 5e0acc4571..b32cc18681 100644
--- a/bfd/peXXigen.c
+++ b/bfd/peXXigen.c
@@ -1438,7 +1438,7 @@  pe_print_idata (bfd * abfd, void * vfile)
       if (hint_addr == 0)
 	hint_addr = first_thunk;
 
-      if (hint_addr != 0)
+      if (hint_addr != 0 && hint_addr - adj < datasize)
 	{
 	  bfd_byte *ft_data;
 	  asection *ft_section;