darkkirb/old-cross-binutils
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

* dwarf.c (process_debug_info): Protect against bogus length and

Browse source 
abbrev offsets.
This commit is contained in:
Nathan Sidwell 2007-01-31 08:42:45 +00:00
parent c9b57b7eb8
commit 460c89ff01
2 changed files with 24 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
binutils/ChangeLog
View file

@ -1,3 +1,8 @@
2007-01-31 Nathan Sidwell <nathan@codesourcery.com>
* dwarf.c (process_debug_info): Protect against bogus length and
abbrev offsets.
2007-01-25 Kazu Hirata <kazu@codesourcery.com>
* ar.c (print_contents, extract_file): Cast the return value

17
binutils/dwarf.c
View file

@ -1604,7 +1604,6 @@ process_debug_info (struct dwarf_section *section, void *file,
hdrptr += 2;
cu_offset = start - section_begin;
start += compunit.cu_length + initial_length_size;
cu_abbrev_offset_ptr = hdrptr;
compunit.cu_abbrev_offset = byte_get (hdrptr, offset_size);
@ -1628,8 +1627,6 @@ process_debug_info (struct dwarf_section *section, void *file,
debug_information [unit].num_range_lists = 0;
}
tags = hdrptr;
if (!do_loc)
{
printf (_(" Compilation Unit @ offset 0x%lx:\n"), cu_offset);
@ -1639,6 +1636,16 @@ process_debug_info (struct dwarf_section *section, void *file,
printf (_(" Pointer Size: %d\n"), compunit.cu_pointer_size);
}
if (cu_offset + compunit.cu_length + initial_length_size
> section->size)
{
warn (_("Debug info is corrupted, length is invalid (section is %lu bytes)\n"),
(unsigned long)section->size);
break;
}
tags = hdrptr;
start += compunit.cu_length + initial_length_size;
if (compunit.cu_version != 2 && compunit.cu_version != 3)
{
warn (_("Only version 2 and 3 DWARF debug information is currently supported.\n"));
@ -1649,6 +1656,10 @@ process_debug_info (struct dwarf_section *section, void *file,
/* Process the abbrevs used by this compilation unit. DWARF
sections under Mach-O have non-zero addresses. */
if (compunit.cu_abbrev_offset >= debug_displays [abbrev].section.size)
warn (_("Debug info is corrupted, abbrev offset is invalid (section is %lu bytes)\n"),
(unsigned long)debug_displays [abbrev].section.size);
else
process_abbrev_section
((unsigned char *) debug_displays [abbrev].section.start
+ compunit.cu_abbrev_offset - debug_displays [abbrev].section.address,