fix a bogus error message from the DWARF LEB129 decoder
This commit is contained in:
panxiaohe
parent
a8fdd258a2
commit
0cf0fdfd73
@ -0,0 +1,60 @@
|
||||
From 08d7da7dc9e130cbaf072c2588e1b392c2d7503e Mon Sep 17 00:00:00 2001
|
||||
From: Nick Clifton <nickc@redhat.com>
|
||||
Date: Fri, 28 Aug 2020 16:04:49 +0100
|
||||
Subject: [PATCH] Fix a bogus error message from the DWARF LEB129 decoder when
|
||||
trying to read a signed LEB128 value containing the largest possible signed
|
||||
negative integer value.
|
||||
|
||||
PR 26548
|
||||
* dwarf.c (read_leb128): When checking for overflow of a signed
|
||||
read, use a signed shift.
|
||||
---
|
||||
binutils/dwarf.c | 28 +++++++++++++++++++++-------
|
||||
1 files changed, 21 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/binutils/dwarf.c b/binutils/dwarf.c
|
||||
index 52759948718..616e5348490 100644
|
||||
--- a/binutils/dwarf.c
|
||||
+++ b/binutils/dwarf.c
|
||||
@@ -345,20 +345,34 @@ read_leb128 (unsigned char *data,
|
||||
while (data < end)
|
||||
{
|
||||
unsigned char byte = *data++;
|
||||
+ bfd_boolean cont = (byte & 0x80) ? TRUE : FALSE;
|
||||
+
|
||||
+ byte &= 0x7f;
|
||||
num_read++;
|
||||
|
||||
if (shift < sizeof (result) * 8)
|
||||
{
|
||||
- result |= ((dwarf_vma) (byte & 0x7f)) << shift;
|
||||
- if ((result >> shift) != (byte & 0x7f))
|
||||
- /* Overflow. */
|
||||
- status |= 2;
|
||||
+ result |= ((dwarf_vma) byte) << shift;
|
||||
+ if (sign)
|
||||
+ {
|
||||
+ if ((((dwarf_signed_vma) result >> shift) & 0x7f) != byte)
|
||||
+ /* Overflow. */
|
||||
+ status |= 2;
|
||||
+ }
|
||||
+ else if ((result >> shift) != byte)
|
||||
+ {
|
||||
+ /* Overflow. */
|
||||
+ status |= 2;
|
||||
+ }
|
||||
+
|
||||
shift += 7;
|
||||
}
|
||||
- else if ((byte & 0x7f) != 0)
|
||||
- status |= 2;
|
||||
+ else if (byte != 0)
|
||||
+ {
|
||||
+ status |= 2;
|
||||
+ }
|
||||
|
||||
- if ((byte & 0x80) == 0)
|
||||
+ if (!cont)
|
||||
{
|
||||
status &= ~1;
|
||||
if (sign && (shift < 8 * sizeof (result)) && (byte & 0x40))
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: Binary utilities
|
||||
Name: binutils
|
||||
Version: 2.34
|
||||
Release: 11
|
||||
Release: 12
|
||||
License: GPLv3+
|
||||
URL: https://sourceware.org/binutils
|
||||
|
||||
@ -43,6 +43,7 @@ Patch26: backport-Fix-a-build-problem-when-using-FreeBSD-12.patch
|
||||
Patch27: backport-0004-CVE-2021-20197.patch
|
||||
Patch28: backport-CVE-2021-3487.patch
|
||||
Patch29: backport-CVE-2021-3549.patch
|
||||
Patch30: backport-Fix-a-bogus-error-message-from-the-DWARF-LEB129.patch
|
||||
|
||||
Provides: bundled(libiberty)
|
||||
|
||||
@ -321,6 +322,12 @@ fi
|
||||
%{_infodir}/bfd*info*
|
||||
|
||||
%changelog
|
||||
* Fri Jul 23 2021 panxiaohe <panxiaohe@huawei.com> - 2.34-12
|
||||
- Type:bugfix
|
||||
- ID:NA
|
||||
- SUG:NA
|
||||
- DESC:fix a bogus error message from the DWARF LEB129 decoder
|
||||
|
||||
* Sat Jun 19 2021 wangchen <wangchen137@huawei.com> - 2.34-11
|
||||
- Type:CVE
|
||||
- ID:NA
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user