This is the mail archive of the
binutils@sourceware.cygnus.com
mailing list for the binutils project.
Fix bfd_read to cope with bad BIMs
- To: binutils at sourceware dot cygnus dot com
- Subject: Fix bfd_read to cope with bad BIMs
- From: Nick Clifton <nickc at cygnus dot com>
- Date: Fri, 21 Jan 2000 10:33:49 -0800
Hi Guys,
The patch below fixes a small bug in bfd_read(). If a bfd_in_memory
structure has a "size" field that is less than the value of
"abfd->where" then the code would attempt to memcpy() a negative sized
amount of data, resulting in a segmentation fault.
Is this patch OK to apply ?
Cheers
Nick
2000-01-21 Nick Clifton <nickc@cygnus.com>
* libbfd.c (bfd_read): Do not attempt to get a negativly sized
amount from a bfd_in_memory structure.
Index: libbfd.c
===================================================================
RCS file: /cvs/binutils/binutils/bfd/libbfd.c,v
retrieving revision 1.7
diff -p -r1.7 libbfd.c
*** libbfd.c 1999/11/09 19:13:21 1.7
--- libbfd.c 2000/01/21 18:30:07
*************** bfd_read (ptr, size, nitems, abfd)
*** 274,280 ****
get = size * nitems;
if (abfd->where + get > bim->size)
{
! get = bim->size - abfd->where;
bfd_set_error (bfd_error_file_truncated);
}
memcpy (ptr, bim->buffer + abfd->where, get);
--- 274,283 ----
get = size * nitems;
if (abfd->where + get > bim->size)
{
! if (bim->size < abfd->where)
! get = 0;
! else
! get = bim->size - abfd->where;
bfd_set_error (bfd_error_file_truncated);
}
memcpy (ptr, bim->buffer + abfd->where, get);