projects
/
deliverable
/
binutils-gdb.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix stack buffer overflows when parsing corrupt ihex files.
[deliverable/binutils-gdb.git]
/
binutils
/
sysdump.c
diff --git
a/binutils/sysdump.c
b/binutils/sysdump.c
index 12b1034624bff98f94ac81f4041b73d7a0a734ca..177262c9b1beb872620a548b8eefd1e5ec7504c8 100644
(file)
--- a/
binutils/sysdump.c
+++ b/
binutils/sysdump.c
@@
-1,12
+1,11
@@
/* Sysroff object format dumper.
/* Sysroff object format dumper.
- Copyright 1994, 1995, 1998, 1999, 2000, 2001, 2002, 2003, 2005, 2007
- Free Software Foundation, Inc.
+ Copyright (C) 1994-2015 Free Software Foundation, Inc.
This file is part of GNU Binutils.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
This file is part of GNU Binutils.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version
2
of the License, or
+ the Free Software Foundation; either version
3
of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
(at your option) any later version.
This program is distributed in the hope that it will be useful,
@@
-25,13
+24,12
@@
This program reads a SYSROFF object file and prints it in an
almost human readable form to stdout. */
This program reads a SYSROFF object file and prints it in an
almost human readable form to stdout. */
+#include "sysdep.h"
#include "bfd.h"
#include "bfd.h"
-#include "bucomm.h"
#include "safe-ctype.h"
#include "safe-ctype.h"
-
-#include <stdio.h>
#include "libiberty.h"
#include "getopt.h"
#include "libiberty.h"
#include "getopt.h"
+#include "bucomm.h"
#include "sysroff.h"
static int dump = 1;
#include "sysroff.h"
static int dump = 1;
@@
-64,10
+62,13
@@
getCHARS (unsigned char *ptr, int *idx, int size, int max)
int b = size;
if (b >= max)
int b = size;
if (b >= max)
- return
"*undefined*"
;
+ return
_("*undefined*")
;
if (b == 0)
{
if (b == 0)
{
+ /* PR 17512: file: 13caced2. */
+ if (oc >= max)
+ return _("*corrupt*");
/* Got to work out the length of the string from self. */
b = ptr[oc++];
(*idx) += 8;
/* Got to work out the length of the string from self. */
b = ptr[oc++];
(*idx) += 8;
@@
-120,20
+121,27
@@
fillup (unsigned char *ptr)
int sum;
int i;
int sum;
int i;
- size = getc (file) - 2;
- fread (ptr, 1, size, file);
+ size = getc (file);
+ if (size == EOF
+ || size <= 2)
+ return 0;
+
+ size -= 2;
+ if (fread (ptr, size, 1, file) != 1)
+ return 0;
+
sum = code + size + 2;
for (i = 0; i < size; i++)
sum += ptr[i];
if ((sum & 0xff) != 0xff)
sum = code + size + 2;
for (i = 0; i < size; i++)
sum += ptr[i];
if ((sum & 0xff) != 0xff)
- printf (
"SUM IS %x\n"
, sum);
+ printf (
_("SUM IS %x\n")
, sum);
if (dump)
dh (ptr, size);
if (dump)
dh (ptr, size);
- return size
- 1
;
+ return size;
}
static barray
}
static barray
@@
-161,7
+169,12
@@
getINT (unsigned char *ptr, int *idx, int size, int max)
int byte = *idx / 8;
if (byte >= max)
int byte = *idx / 8;
if (byte >= max)
- return 0;
+ {
+ /* PR 17512: file: id:000001,src:000002,op:flip1,pos:45. */
+ /* Prevent infinite loops re-reading beyond the end of the buffer. */
+ fatal (_("ICE: getINT: Out of buffer space"));
+ return 0;
+ }
if (size == -2)
size = addrsize;
if (size == -2)
size = addrsize;
@@
-183,7
+196,7
@@
getINT (unsigned char *ptr, int *idx, int size, int max)
n = (ptr[byte + 0] << 24) + (ptr[byte + 1] << 16) + (ptr[byte + 2] << 8) + (ptr[byte + 3]);
break;
default:
n = (ptr[byte + 0] << 24) + (ptr[byte + 1] << 16) + (ptr[byte + 2] << 8) + (ptr[byte + 3]);
break;
default:
-
abort (
);
+
fatal (_("Unsupported read size: %d"), size
);
}
*idx += size * 8;
}
*idx += size * 8;
@@
-205,9
+218,9
@@
getBITS (unsigned char *ptr, int *idx, int size, int max)
}
static void
}
static void
-itheader (char *name, int code)
+itheader (char *name, int
i
code)
{
{
- printf ("\n%s 0x%02x\n", name, code);
+ printf ("\n%s 0x%02x\n", name,
i
code);
}
static int indent;
}
static int indent;
@@
-494,7
+507,7
@@
getone (int type)
break;
default:
break;
default:
- printf (
"GOT A %x\n"
, c);
+ printf (
_("GOT A %x\n")
, c);
return 0;
break;
}
return 0;
break;
}
@@
-512,7
+525,7
@@
static void
must (int x)
{
if (!getone (x))
must (int x)
{
if (!getone (x))
- printf (
"WANTED %x!!\n"
, x);
+ printf (
_("WANTED %x!!\n")
, x);
}
static void
}
static void
@@
-523,15
+536,14
@@
tab (int i, char *s)
if (s)
{
p ();
if (s)
{
p ();
- printf (s);
- printf ("\n");
+ puts (s);
}
}
static void
dump_symbol_info (void)
{
}
}
static void
dump_symbol_info (void)
{
- tab (1,
"SYMBOL INFO"
);
+ tab (1,
_("SYMBOL INFO")
);
while (opt (IT_dsy_CODE))
{
while (opt (IT_dsy_CODE))
{
@@
-549,7
+561,7
@@
dump_symbol_info (void)
static void
derived_type (void)
{
static void
derived_type (void)
{
- tab (1,
"DERIVED TYPE"
);
+ tab (1,
_("DERIVED TYPE")
);
while (1)
{
while (1)
{
@@
-606,11
+618,13
@@
module (void)
int c = 0;
int l = 0;
int c = 0;
int l = 0;
- tab (1,
"MODULE***\n"
);
+ tab (1,
_("MODULE***\n")
);
do
{
c = getc (file);
do
{
c = getc (file);
+ if (c == EOF)
+ break;
ungetc (c, file);
c &= 0x7f;
ungetc (c, file);
c &= 0x7f;
@@
-636,16
+650,16
@@
module (void)
char *program_name;
static void
char *program_name;
static void
-show_usage (FILE *file, int status)
+show_usage (FILE *f
f
ile, int status)
{
{
- fprintf (file, _("Usage: %s [option(s)] in-file\n"), program_name);
- fprintf (file, _("Print a human readable interpretation of a SYSROFF object file\n"));
- fprintf (file, _(" The options are:\n\
+ fprintf (f
f
ile, _("Usage: %s [option(s)] in-file\n"), program_name);
+ fprintf (f
f
ile, _("Print a human readable interpretation of a SYSROFF object file\n"));
+ fprintf (f
f
ile, _(" The options are:\n\
-h --help Display this information\n\
-v --version Print the program's version number\n"));
if (REPORT_BUGS_TO[0] && status == 0)
-h --help Display this information\n\
-v --version Print the program's version number\n"));
if (REPORT_BUGS_TO[0] && status == 0)
- fprintf (file, _("Report bugs to %s\n"), REPORT_BUGS_TO);
+ fprintf (f
f
ile, _("Report bugs to %s\n"), REPORT_BUGS_TO);
exit (status);
}
exit (status);
}
@@
-653,7
+667,7
@@
int
main (int ac, char **av)
{
char *input_file = NULL;
main (int ac, char **av)
{
char *input_file = NULL;
- int opt;
+ int opt
ion
;
static struct option long_options[] =
{
{"help", no_argument, 0, 'h'},
static struct option long_options[] =
{
{"help", no_argument, 0, 'h'},
@@
-672,12
+686,13
@@
main (int ac, char **av)
program_name = av[0];
xmalloc_set_program_name (program_name);
program_name = av[0];
xmalloc_set_program_name (program_name);
+ bfd_set_error_program_name (program_name);
expandargv (&ac, &av);
expandargv (&ac, &av);
- while ((opt = getopt_long (ac, av, "HhVv", long_options, (int *) NULL)) != EOF)
+ while ((opt
ion
= getopt_long (ac, av, "HhVv", long_options, (int *) NULL)) != EOF)
{
{
- switch (opt)
+ switch (opt
ion
)
{
case 'H':
case 'h':
{
case 'H':
case 'h':
This page took
0.026766 seconds
and
4
git commands to generate.