From: Alan Modra Date: Tue, 19 Feb 2019 12:18:44 +0000 (+1030) Subject: PR24235, Read memory violation in pei-x86_64.c X-Git-Url: http://git.efficios.com/?a=commitdiff_plain;h=179f2db0d9c397d7dd8a59907b84208b79f7f48c;p=deliverable%2Fbinutils-gdb.git PR24235, Read memory violation in pei-x86_64.c PR 24235 * pei-x86_64.c (pex64_bfd_print_pdata_section): Correct checks attempting to prevent read past end of section. --- diff --git a/bfd/ChangeLog b/bfd/ChangeLog index d173adcc7c..72c87c78a2 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,9 @@ +2019-02-19 Alan Modra + + PR 24235 + * pei-x86_64.c (pex64_bfd_print_pdata_section): Correct checks + attempting to prevent read past end of section. + 2019-02-18 Alan Modra PR 24225 diff --git a/bfd/pei-x86_64.c b/bfd/pei-x86_64.c index ff1093c1e3..7e751049f7 100644 --- a/bfd/pei-x86_64.c +++ b/bfd/pei-x86_64.c @@ -541,7 +541,7 @@ pex64_bfd_print_pdata_section (bfd *abfd, void *vfile, asection *pdata_section) /* virt_size might be zero for objects. */ if (stop == 0 && strcmp (abfd->xvec->name, "pe-x86-64") == 0) { - stop = (datasize / onaline) * onaline; + stop = datasize; virt_size_is_zero = TRUE; } else if (datasize < stop) @@ -551,8 +551,8 @@ pex64_bfd_print_pdata_section (bfd *abfd, void *vfile, asection *pdata_section) _("Warning: %s section size (%ld) is smaller than virtual size (%ld)\n"), pdata_section->name, (unsigned long) datasize, (unsigned long) stop); - /* Be sure not to read passed datasize. */ - stop = datasize / onaline; + /* Be sure not to read past datasize. */ + stop = datasize; } /* Display functions table. */ @@ -724,8 +724,7 @@ pex64_bfd_print_pdata_section (bfd *abfd, void *vfile, asection *pdata_section) altent += imagebase; if (altent >= pdata_vma - && (altent + PDATA_ROW_SIZE <= pdata_vma - + pei_section_data (abfd, pdata_section)->virt_size)) + && altent - pdata_vma + PDATA_ROW_SIZE <= stop) { pex64_get_runtime_function (abfd, &arf, &pdata[altent - pdata_vma]);