espressif/binutils-gdb
1
0
Fork 0
mirror of https://github.com/espressif/binutils-gdb.git synced 2025-06-29 08:24:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

PR27836, readelf -w pointer comparison UB

Browse Source 
PR 27836
	* dwarf.c (display_debug_frames): Don't compare pointers derived
	from user input.  Test offset against bounds instead.
This commit is contained in:
Alan Modra
2021-05-11 17:57:04 +09:30
parent ee35ce8200
commit 0d872fca02
2 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
binutils/ChangeLog
View File

@ -1,3 +1,9 @@
2021-05-12 Alan Modra <amodra@gmail.com>
PR 27836
* dwarf.c (display_debug_frames): Don't compare pointers derived
from user input. Test offset against bounds instead.
2021-05-12 Alan Modra <amodra@gmail.com> 2021-05-12 Alan Modra <amodra@gmail.com>
PR 27853 PR 27853

10
binutils/dwarf.c
View File

@ -8810,16 +8810,18 @@ display_debug_frames (struct dwarf_section *section,
{ {
unsigned char *look_for; unsigned char *look_for;
unsigned long segment_selector; unsigned long segment_selector;
dwarf_vma cie_off;
cie_off = cie_id;
if (is_eh) if (is_eh)
{ {
dwarf_vma sign = (dwarf_vma) 1 << (offset_size * 8 - 1); dwarf_vma sign = (dwarf_vma) 1 << (offset_size * 8 - 1);
look_for = start - 4 - ((cie_id ^ sign) - sign); cie_off = (cie_off ^ sign) - sign;
cie_off = start - 4 - section_start - cie_off;
} }
else
look_for = section_start + cie_id;
if (look_for <= saved_start) look_for = section_start + cie_off;
if (cie_off <= (dwarf_vma) (saved_start - section_start))
{ {
for (cie = chunks; cie ; cie = cie->next) for (cie = chunks; cie ; cie = cie->next)
if (cie->chunk_start == look_for) if (cie->chunk_start == look_for)