| From 3656e414a711c9e30839467a5a86c93a805823a1 Mon Sep 17 00:00:00 2001 |
| From: Nick Clifton <nickc@redhat.com> |
| Date: Wed, 19 Oct 2022 15:09:12 +0100 |
| Subject: [PATCH 2/3] Fix an illegal memory access when parsing an ELF file |
| containing corrupt symbol version information. |
| |
| PR 29699 |
| * elf.c (_bfd_elf_slurp_version_tables): Fail if the sh_info field |
| of the section header is zero. |
| --- |
| bfd/ChangeLog | 6 ++++++ |
| bfd/elf.c | 4 +++- |
| 2 files changed, 9 insertions(+), 1 deletion(-) |
| |
| diff --git a/bfd/ChangeLog b/bfd/ChangeLog |
| index 718e8a3e323..afaf23787fb 100644 |
| --- a/bfd/ChangeLog |
| +++ b/bfd/ChangeLog |
| @@ -1,3 +1,9 @@ |
| +2022-10-19 Nick Clifton <nickc@redhat.com> |
| + |
| + PR 29699 |
| + * elf.c (_bfd_elf_slurp_version_tables): Fail if the sh_info field |
| + of the section header is zero. |
| + |
| 2021-07-21 Nick Clifton <nickc@redhat.com> |
| |
| * po/ru.po: Updated Russian translation. |
| diff --git a/bfd/elf.c b/bfd/elf.c |
| index 84a5d942817..9e8f43bf660 100644 |
| --- a/bfd/elf.c |
| +++ b/bfd/elf.c |
| @@ -8730,7 +8730,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bfd_boolean default_imported_symver) |
| bfd_set_error (bfd_error_file_too_big); |
| goto error_return_verref; |
| } |
| - elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_alloc (abfd, amt); |
| + if (amt == 0) |
| + goto error_return_verref; |
| + elf_tdata (abfd)->verref = (Elf_Internal_Verneed *) bfd_zalloc (abfd, amt); |
| if (elf_tdata (abfd)->verref == NULL) |
| goto error_return_verref; |
| |
| -- |
| 2.40.0.rc1.284.g88254d51c5-goog |
| |
