Automatic date update in version.in

[deliverable/binutils-gdb.git] / bfd / coffgen.c

diff --git a/bfd/coffgen.c b/bfd/coffgen.c
index dda98394f11e6aa1b2b8c09cfeb47a466f01cc35..94589b43d2f0d21d70e4caa87e2fb763cc0c0c28 100644 (file)
--- a/bfd/coffgen.c
+++ b/bfd/coffgen.c
@@ -225,12 +225,12 @@ make_a_section_from_file (bfd *abfd,
 
 /* Read in a COFF object and make it into a BFD.  This is used by
    ECOFF as well.  */
-const bfd_target *
+bfd_cleanup
 coff_real_object_p (bfd *,
                    unsigned,
                    struct internal_filehdr *,
                    struct internal_aouthdr *);
-const bfd_target *
+bfd_cleanup
 coff_real_object_p (bfd *abfd,
                    unsigned nscns,
                    struct internal_filehdr *internal_f,
@@ -300,7 +300,7 @@ coff_real_object_p (bfd *abfd,
     }
 
   _bfd_coff_free_symbols (abfd);
-  return abfd->xvec;
+  return _bfd_no_cleanup;
 
  fail:
   _bfd_coff_free_symbols (abfd);
@@ -309,13 +309,13 @@ coff_real_object_p (bfd *abfd,
   abfd->tdata.any = tdata_save;
   abfd->flags = oflags;
   abfd->start_address = ostart;
-  return (const bfd_target *) NULL;
+  return NULL;
 }
 
 /* Turn a COFF file into a BFD, but fail with bfd_error_wrong_format if it is
    not a COFF file.  This is also used by ECOFF.  */
 
-const bfd_target *
+bfd_cleanup
 coff_object_p (bfd *abfd)
 {
   bfd_size_type filhsz;
@@ -544,11 +544,8 @@ _bfd_coff_read_internal_relocs (bfd *abfd,
   for (; erel < erel_end; erel += relsz, irel++)
     bfd_coff_swap_reloc_in (abfd, (void *) erel, (void *) irel);
 
-  if (free_external != NULL)
-    {
-      free (free_external);
-      free_external = NULL;
-    }
+  free (free_external);
+  free_external = NULL;
 
   if (cache && free_internal != NULL)
     {
@@ -566,10 +563,8 @@ _bfd_coff_read_internal_relocs (bfd *abfd,
   return internal_relocs;
 
  error_return:
-  if (free_external != NULL)
-    free (free_external);
-  if (free_internal != NULL)
-    free (free_internal);
+  free (free_external);
+  free (free_internal);
   return NULL;
 }
 
@@ -1632,20 +1627,14 @@ _bfd_coff_get_external_symbols (bfd *abfd)
   size_t symesz;
   size_t size;
   void * syms;
-  ufile_ptr filesize;
 
   if (obj_coff_external_syms (abfd) != NULL)
     return TRUE;
 
-  /* Check for integer overflow and for unreasonable symbol counts.  */
-  filesize = bfd_get_file_size (abfd);
   symesz = bfd_coff_symesz (abfd);
-  if (_bfd_mul_overflow (obj_raw_syment_count (abfd), symesz, &size)
-      || (filesize != 0 && size > filesize))
+  if (_bfd_mul_overflow (obj_raw_syment_count (abfd), symesz, &size))
     {
       bfd_set_error (bfd_error_file_truncated);
-      _bfd_error_handler (_("%pB: corrupt symbol count: %#" PRIx64 ""),
-                         abfd, (uint64_t) obj_raw_syment_count (abfd));
       return FALSE;
     }
 
@@ -1824,6 +1813,13 @@ coff_get_normalized_symtab (bfd *abfd)
       symbol_ptr = internal_ptr;
       internal_ptr->is_sym = TRUE;
 
+      /* PR 17512: Prevent buffer overrun.  */
+      if (symbol_ptr->u.syment.n_numaux > (raw_end - raw_src) / symesz)
+       {
+         bfd_release (abfd, internal);
+         return NULL;
+       }
+
       for (i = 0;
           i < symbol_ptr->u.syment.n_numaux;
           i++)
@@ -1831,13 +1827,6 @@ coff_get_normalized_symtab (bfd *abfd)
          internal_ptr++;
          raw_src += symesz;
 
-         /* PR 17512: Prevent buffer overrun.  */
-         if (raw_src >= raw_end || internal_ptr >= internal_end)
-           {
-             bfd_release (abfd, internal);
-             return NULL;
-           }
-
          bfd_coff_swap_aux_in (abfd, (void *) raw_src,
                                symbol_ptr->u.syment.n_type,
                                symbol_ptr->u.syment.n_sclass,