projects / deliverable / binutils-gdb.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cef2097) | patch
asan: som: heap-buffer-overflow
authorAlan Modra <amodra@gmail.com>
Thu, 26 Dec 2019 01:55:31 +0000 (12:25 +1030)
committerAlan Modra <amodra@gmail.com>
Thu, 26 Dec 2019 07:19:03 +0000 (17:49 +1030)
commite5af216040aba59952c99d6479ba5279cee6825d
tree6f012dedae343b175af25c56e1759149b4a7bbb0tree | snapshot
parentcef2097a8731b04accf50d99c9b5a556cebd5f15commit | diff
asan: som: heap-buffer-overflow

Triggered by overflow of size calulation resulting in a too small
buffer.  The testcase found one of the som_bfd_count_ar_symbols
problems.

* som.c (setup_sections): Don't overflow space_strings_size.  Use
bfd_malloc2 to catch overflow of size calculation.
(som_prep_for_fixups): Use bfd_zalloc2 to catch overflow of size
calculation.
(som_build_and_write_symbol_table): Similarly use bfd_zmalloc2.
(som_slurp_symbol_table): Similarly use bfd_zmalloc2, bfd_malloc2,
and bfd_zalloc2.
(bfd_som_attach_aux_hdr): Use size_t vars for string length.
(som_bfd_count_ar_symbols): Use bfd_malloc2 to catch overflow of
size calculation.  Use size_t vars for length and catch overflow.
(som_slurp_armap): Use bfd_alloc2 to catch overflow of size
calculation.
(som_bfd_ar_write_symbol_stuff): Similarly use bfd_zmalloc2 and
bfd_malloc2.  Perform size calculations in bfd_size_type.
bfd/ChangeLog diff | blob | blame | history
bfd/som.c diff | blob | blame | history
GDB Binutils - Deliverables
This page took 0.024836 seconds and 4 git commands to generate.