35 lines
1.2 KiB
Diff
35 lines
1.2 KiB
Diff
--- binutils.orig/bfd/dwarf2.c 2021-04-09 16:59:18.345187116 +0100
|
|
+++ binutils-2.35/bfd/dwarf2.c 2021-04-09 17:02:03.614064723 +0100
|
|
@@ -539,6 +539,8 @@ read_section (bfd * abfd,
|
|
/* The section may have already been read. */
|
|
if (contents == NULL)
|
|
{
|
|
+ ufile_ptr filesize;
|
|
+
|
|
msec = bfd_get_section_by_name (abfd, section_name);
|
|
if (! msec)
|
|
{
|
|
@@ -554,10 +556,20 @@ read_section (bfd * abfd,
|
|
return FALSE;
|
|
}
|
|
|
|
- *section_size = msec->rawsize ? msec->rawsize : msec->size;
|
|
+ amt = bfd_get_section_limit_octets (abfd, msec);
|
|
+ filesize = bfd_get_file_size (abfd);
|
|
+ if (amt >= filesize)
|
|
+ {
|
|
+ /* PR 26946 */
|
|
+ _bfd_error_handler (_("DWARF error: section %s is larger than its filesize! (0x%lx vs 0x%lx)"),
|
|
+ section_name, (long) amt, (long) filesize);
|
|
+ bfd_set_error (bfd_error_bad_value);
|
|
+ return FALSE;
|
|
+ }
|
|
+ *section_size = amt;
|
|
/* Paranoia - alloc one extra so that we can make sure a string
|
|
section is NUL terminated. */
|
|
- amt = *section_size + 1;
|
|
+ amt += 1;
|
|
if (amt == 0)
|
|
{
|
|
bfd_set_error (bfd_error_no_memory);
|