binutils/binutils-CVE-2018-12699-part6-PR28862.patch

--- binutils.orig/binutils/stabs.c	2024-11-06 17:39:57.460250962 +0000
+++ binutils-2.30/binutils/stabs.c	2024-11-06 17:41:32.293848603 +0000
@@ -1138,15 +1138,13 @@ parse_stab_string (void *dhandle, struct
     case 'Y':
       /* SUNPro C++ Namespace =Yn0.  */
       /* Skip the namespace mapping, as it is not used now.  */
-      if (*(++p) == 'n' && *(++p) == '0')
+      if (*p++ != 0 && *p++ == 'n' && *p++ == '0')
 	{
 	  /* =Yn0name; */
-	  while (*p != ';')
+	  while (*p && *p != ';')
 	    ++p;
-	  ++p;
-	  /* There is a potential resource leak here, but it is not important.  */
-	  /* coverity[leaked_storage: FALSE] */
-	  return TRUE;
+	  if (*p)
+	    return TRUE;
 	}
       /* TODO SUNPro C++ support:
          Support default arguments after F,P parameters
Fix illegal memory accesses when parsing corrupt a.out format files. [part 2] Resolves: RHEL-64927 2024-11-07 10:09:17 +00:00			`--- binutils.orig/binutils/stabs.c 2024-11-06 17:39:57.460250962 +0000`
			`+++ binutils-2.30/binutils/stabs.c 2024-11-06 17:41:32.293848603 +0000`
			`@@ -1138,15 +1138,13 @@ parse_stab_string (void *dhandle, struct`
			`case 'Y':`
			`/* SUNPro C++ Namespace =Yn0. */`
			`/* Skip the namespace mapping, as it is not used now. */`
			`- if ((++p) == 'n' && (++p) == '0')`
			`+ if (p++ != 0 && p++ == 'n' && *p++ == '0')`
			`{`
			`/* =Yn0name; */`
			`- while (*p != ';')`
			`+ while (p && p != ';')`
			`++p;`
			`- ++p;`
			`- /* There is a potential resource leak here, but it is not important. */`
			`- /* coverity[leaked_storage: FALSE] */`
			`- return TRUE;`
			`+ if (*p)`
			`+ return TRUE;`
			`}`
			`/* TODO SUNPro C++ support:`
			`Support default arguments after F,P parameters`