This is the mail archive of the
binutils-cvs@sourceware.org
mailing list for the binutils project.
[binutils-gdb/binutils-2_29-branch] Import patch from mainline to fix an address violation when parsing a corrupt PE binary.
- From: Nick Clifton <nickc at sourceware dot org>
- To: bfd-cvs at sourceware dot org
- Date: 14 Sep 2017 10:28:20 -0000
- Subject: [binutils-gdb/binutils-2_29-branch] Import patch from mainline to fix an address violation when parsing a corrupt PE binary.
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dcaaca89e8618eba35193c27afcb1cfa54f74582
commit dcaaca89e8618eba35193c27afcb1cfa54f74582
Author: Nick Clifton <nickc@redhat.com>
Date: Thu Sep 14 11:27:40 2017 +0100
Import patch from mainline to fix an address violation when parsing a corrupt PE binary.
PR binutils/22113
* peXXigen.c (pe_print_idata): Extend check for HintName vector
entries.
Diff:
---
bfd/ChangeLog | 8 ++++++++
bfd/peXXigen.c | 5 +++--
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index aca2459..0aeefda 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,11 @@
+2017-09-14 Nick Clifton <nickc@redhat.com>
+
+ Import from mainline:
+
+ PR binutils/22113
+ * peXXigen.c (pe_print_idata): Extend check for HintName vector
+ entries.
+
2017-08-21 Hans-Peter Nilsson <hp@bitrange.com>
Import from mainline:
diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
index a18e0b2..f538c75 100644
--- a/bfd/peXXigen.c
+++ b/bfd/peXXigen.c
@@ -1514,7 +1514,7 @@ pe_print_idata (bfd * abfd, void * vfile)
member_high, member,
WithoutHighBit (member_high), member);
/* PR binutils/17512: Handle corrupt PE data. */
- else if (amt + 2 >= datasize)
+ else if (amt >= datasize || amt + 2 >= datasize)
fprintf (file, _("\t<corrupt: 0x%04lx>"), member);
else
{
@@ -1548,11 +1548,12 @@ pe_print_idata (bfd * abfd, void * vfile)
break;
amt = member - adj;
+
if (HighBitSet (member))
fprintf (file, "\t%04lx\t %4lu <none>",
member, WithoutHighBit (member));
/* PR binutils/17512: Handle corrupt PE data. */
- else if (amt + 2 >= datasize)
+ else if (amt >= datasize || amt + 2 >= datasize)
fprintf (file, _("\t<corrupt: 0x%04lx>"), member);
else
{