Fix potential illegal memory access in ZLIB because of an erroneous declaration of...

author Nick Clifton <nickc@redhat.com>

Fri, 17 Feb 2017 11:39:20 +0000 (11:39 +0000)

committer Nick Clifton <nickc@redhat.com>

Fri, 17 Feb 2017 11:39:20 +0000 (11:39 +0000)
author Nick Clifton <nickc@redhat.com>
Fri, 17 Feb 2017 11:39:20 +0000 (11:39 +0000)
committer Nick Clifton <nickc@redhat.com>
Fri, 17 Feb 2017 11:39:20 +0000 (11:39 +0000)
diff --git a/bfd/ChangeLog b/bfd/ChangeLog

index be8bd680b0727215f27ef368f87c950b64c4f7f9..3f3adc0e9f399095f555b1360c620d177ce30664 100644 (file)
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2017-02-17  Nick Clifton  <nickc@redhat.com>
+
+       * compress.c (bfd_get_full_section_contents): Remember to reduce
+       compressed size by the sizeof the compression header when
+       decompressing the contents.
+
  2017-02-17  Pedro Alves  <palves@redhat.com>
  
         * srec.c (Chunk): Rename to ...
diff --git a/bfd/compress.c b/bfd/compress.c

index 1ed7d74bf897939ae2e363b8adb475ea7f2fdc31..f881c074b856d8da7c8626890b1abc3377948123 100644 (file)
--- a/bfd/compress.c
+++ b/bfd/compress.c
@@ -300,7 +300,7 @@ bfd_get_full_section_contents (bfd *abfd, sec_ptr sec, bfd_byte **ptr)
            SHF_COMPRESSED section.  */
         compression_header_size = 12;
        if (!decompress_contents (compressed_buffer + compression_header_size,
-                               sec->compressed_size, p, sz))
+                               sec->compressed_size - compression_header_size, p, sz))
         {
           bfd_set_error (bfd_error_bad_value);
           if (p != *ptr)
author	Nick Clifton <nickc@redhat.com>
	Fri, 17 Feb 2017 11:39:20 +0000 (11:39 +0000)
committer	Nick Clifton <nickc@redhat.com>
	Fri, 17 Feb 2017 11:39:20 +0000 (11:39 +0000)
bfd/ChangeLog		patch \| blob \| blame \| history
bfd/compress.c		patch \| blob \| blame \| history