unw_decode_uleb128 (const unsigned char **dpp, const unsigned char * end)
{
unsigned shift = 0;
+ int status = 1;
unw_word byte, result = 0;
const unsigned char *bp = *dpp;
while (bp < end)
{
byte = *bp++;
- result |= (byte & 0x7f) << shift;
+ if (shift < sizeof (result) * 8)
+ {
+ result |= (byte & 0x7f) << shift;
+ if ((result >> shift) != (byte & 0x7f))
+ /* Overflow. */
+ status |= 2;
+ shift += 7;
+ }
+ else if ((byte & 0x7f) != 0)
+ status |= 2;
if ((byte & 0x80) == 0)
- break;
-
- shift += 7;
+ {
+ status &= ~1;
+ break;
+ }
}
*dpp = bp;
+ if (status != 0)
+ printf (_("Bad uleb128\n"));
return result;
}