Andreas.
2009-01-27 Andreas Schwab <schwab@suse.de>
* mach-o.c (bfd_mach_o_archive_p): Restrict the number of
architectures in the archive.
--- bfd/mach-o.c 07 Jan 2009 09:44:50 +0100 1.31
+++ bfd/mach-o.c 27 Jan 2009 15:28:33 +0100
@@ -2098,6 +2098,11 @@ bfd_mach_o_archive_p (bfd *abfd)
adata->nfat_arch = bfd_getb32 (buf + 4);
if (adata->magic != 0xcafebabe)
goto error;
+ /* Avoid matching Java bytecode files, which have the same magic
number.
+ In the Java bytecode file format this field contains to the JVM
+ version, which starts at 43.0. */
+ if (adata->nfat_arch > 30)
+ goto error;
adata->archentries =
bfd_alloc (abfd, adata->nfat_arch * sizeof
(mach_o_fat_archentry));
--
Andreas Schwab, SuSE Labs, schwab@suse.de
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276
4ED5
"And now for something completely different."