PR27861, Infinite loop in dwarf.c:7507-7526

Message ID 20210513132243.GW25246@bubble.grove.modra.org
State New
Headers show
Series
  • PR27861, Infinite loop in dwarf.c:7507-7526
Related show

Commit Message

H.J. Lu via Binutils May 13, 2021, 1:22 p.m.
PR 27861
	* dwarf.c (display_debug_str_offsets): Sanity check dwarf5
	header length.


-- 
Alan Modra
Australia Development Lab, IBM

Patch

diff --git a/binutils/dwarf.c b/binutils/dwarf.c
index 20bd92657b3..b22d33c43dd 100644
--- a/binutils/dwarf.c
+++ b/binutils/dwarf.c
@@ -7487,7 +7487,14 @@  display_debug_str_offsets (struct dwarf_section *section,
 	}
       else
 	{
-	  entries_end = curr + length;
+	  if (length <= (dwarf_vma) (end - curr))
+	    entries_end = curr + length;
+	  else
+	    {
+	      warn (_("Section %s is too small %#lx\n"),
+		    section->name, (unsigned long) section->size);
+	      entries_end = end;
+	    }
 
 	  int version;
 	  SAFE_BYTE_GET_AND_INC (version, curr, 2, end);