diff options
Diffstat (limited to 'debian/patches/pr21135.diff')
-rw-r--r-- | debian/patches/pr21135.diff | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/debian/patches/pr21135.diff b/debian/patches/pr21135.diff new file mode 100644 index 0000000..88b358b --- /dev/null +++ b/debian/patches/pr21135.diff @@ -0,0 +1,106 @@ +# DP: Fix PR binutils/21135, invalid read of section contents. + +From f055032e4e922f1e1a5e11026c7c2669fa2a7d19 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Mon, 13 Feb 2017 15:04:37 +0000 +Subject: [PATCH] Fix invalid read of section contents whilst processing a + corrupt binary. + + PR binutils/21135 + * readelf.c (dump_section_as_bytes): Handle the case where + uncompress_section_contents returns false. + (dump_section_as_bytes, load_specific_debug_section): Likewise. + +--- + binutils/ChangeLog | 6 ++++++ + binutils/readelf.c | 16 ++++++++++++---- + 2 files changed, 18 insertions(+), 4 deletions(-) + +2017-02-13 Nick Clifton <nickc@redhat.com> + + PR binutils/21135 + * readelf.c (dump_section_as_bytes): Handle the case where + uncompress_section_contents returns false. + (dump_section_as_bytes, load_specific_debug_section): Likewise. + +Index: b/binutils/readelf.c +=================================================================== +--- a/binutils/readelf.c ++++ b/binutils/readelf.c +@@ -12668,10 +12668,18 @@ dump_section_as_strings (Elf_Internal_Sh + new_size -= 12; + } + +- if (uncompressed_size +- && uncompress_section_contents (& start, +- uncompressed_size, & new_size)) +- num_bytes = new_size; ++ if (uncompressed_size) ++ { ++ if (uncompress_section_contents (& start, ++ uncompressed_size, & new_size)) ++ num_bytes = new_size; ++ else ++ { ++ error (_("Unable to decompress section %s\n"), ++ printable_section_name (section)); ++ return; ++ } ++ } + } + + /* If the section being dumped has relocations against it the user might +@@ -12802,10 +12810,18 @@ dump_section_as_bytes (Elf_Internal_Shdr + new_size -= 12; + } + +- if (uncompressed_size +- && uncompress_section_contents (& start, uncompressed_size, +- & new_size)) +- section_size = new_size; ++ if (uncompressed_size) ++ { ++ if (uncompress_section_contents (& start, uncompressed_size, ++ & new_size)) ++ section_size = new_size; ++ else ++ { ++ error (_("Unable to decompress section %s\n"), ++ printable_section_name (section)); ++ return; ++ } ++ } + } + + if (relocate) +@@ -12955,14 +12971,22 @@ load_specific_debug_section (enum dwarf_ + size -= 12; + } + +- if (uncompressed_size +- && uncompress_section_contents (&start, uncompressed_size, +- &size)) +- { +- /* Free the compressed buffer, update the section buffer +- and the section size if uncompress is successful. */ +- free (section->start); +- section->start = start; ++ if (uncompressed_size) ++ { ++ if (uncompress_section_contents (&start, uncompressed_size, ++ &size)) ++ { ++ /* Free the compressed buffer, update the section buffer ++ and the section size if uncompress is successful. */ ++ free (section->start); ++ section->start = start; ++ } ++ else ++ { ++ error (_("Unable to decompress section %s\n"), ++ printable_section_name (sec)); ++ return 0; ++ } + } + section->size = size; + } |