Fixes for memory access violations exposed by fuzzinf various binaries.

[deliverable/binutils-gdb.git] / binutils / dwarf.c

diff --git a/binutils/dwarf.c b/binutils/dwarf.c
index 7f3a568e8134ccb524facc7d172e6d3b32856d84..8213f4dc9e106ad1ac11d16546f6510eb2944056 100644 (file)
--- a/binutils/dwarf.c
+++ b/binutils/dwarf.c
@@ -142,6 +142,14 @@ get_encoded_value (unsigned char **pdata,
       return 0;
     }
 
+  /* PR 17512: file: 1085-5603-0.004.  */
+  if (size == 0)
+    {
+      warn (_("Encoded size of 0 is too small to read\n"));
+      * pdata = end;
+      return 0;
+    }
+
   if (encoding & DW_EH_PE_signed)
     val = byte_get_signed (data, size);
   else
@@ -2786,6 +2794,13 @@ display_debug_lines_raw (struct dwarf_section *section,
          printf (_("  Line Range:                  %d\n"), linfo.li_line_range);
          printf (_("  Opcode Base:                 %d\n"), linfo.li_opcode_base);
 
+         /* PR 17512: file: 1665-6428-0.004.  */
+         if (linfo.li_line_range == 0)
+           {
+             warn (_("Line range of 0 is invalid, using 1 instead\n"));
+             linfo.li_line_range = 1;
+           }
+
          reset_state_machine (linfo.li_default_is_stmt);
 
          /* Display the contents of the Opcodes table.  */
@@ -5697,6 +5712,15 @@ display_debug_frames (struct dwarf_section *section,
              augmentation_data_len = LEB ();
              augmentation_data = start;
              start += augmentation_data_len;
+             /* PR 17512: file: 722-8446-0.004.  */
+             if (start >= end)
+               {
+                 warn (_("Corrupt augmentation data length: %lx\n"),
+                       augmentation_data_len);
+                 start = end;
+                 augmentation_data = NULL;
+                 augmentation_data_len = 0;
+               }
            }
 
          printf ("\n%08lx %s %s FDE cie=%08lx pc=",