This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

PATCH: Avoid buffer overflow in decode_arm_unwind


Hi,

I checked in this patch to avod buffer overflow as an obvious fix.


H.J.
---
diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index 506ab55..8058db3 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,7 @@
+2010-03-18  H.J. Lu  <hongjiu.lu@intel.com>
+
+	* readelf.c (decode_arm_unwind): Increase buf size to 9 byte.
+
 2010-03-17  Alan Modra  <amodra@gmail.com>
 
 	* readelf.c (dump_arm_unwind): Warning fix.
diff --git a/binutils/readelf.c b/binutils/readelf.c
index c76fc17..beaf947 100644
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -6194,10 +6194,10 @@ decode_arm_unwind (struct arm_unw_aux_info *aux,
 	}
       else if (op == 0xb2)
 	{
-	  unsigned char buf[5];
+	  unsigned char buf[9];
 	  unsigned int i, len;
 	  unsigned long offset;
-	  for (i = 0; i < 9; i++)
+	  for (i = 0; i < sizeof (buf); i++)
 	    {
 	      GET_OP (buf[i]);
 	      if ((buf[i] & 0x80) == 0)


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]