XCOFF64 uninitialised read

Message ID 20200322125646.GR4583@bubble.grove.modra.org
State New
Headers show
Series
  • XCOFF64 uninitialised read
Related show

Commit Message

H.J. Lu via Binutils March 22, 2020, 12:56 p.m.
Like git commit 67338173a4.

	* coff64-rs6000.c (xcoff64_slurp_armap): Ensure size is large
	enough to read number of symbols.


-- 
Alan Modra
Australia Development Lab, IBM

Patch

diff --git a/bfd/coff64-rs6000.c b/bfd/coff64-rs6000.c
index cca876eb4e..d34e25903c 100644
--- a/bfd/coff64-rs6000.c
+++ b/bfd/coff64-rs6000.c
@@ -1933,9 +1933,9 @@  xcoff64_slurp_armap (bfd *abfd)
     return FALSE;
 
   sz = bfd_scan_vma (hdr.size, (const char **) NULL, 10);
-  if (sz == (bfd_size_type) -1)
+  if (sz + 1 < 9)
     {
-      bfd_set_error (bfd_error_no_memory);
+      bfd_set_error (bfd_error_bad_value);
       return FALSE;
     }