/* opncls.c -- open and close a BFD.
- Copyright (C) 1990-2017 Free Software Foundation, Inc.
+ Copyright (C) 1990-2019 Free Software Foundation, Inc.
Written by Cygnus Support.
SYNOPSIS
bfd *bfd_fopen (const char *filename, const char *target,
- const char *mode, int fd);
+ const char *mode, int fd);
DESCRIPTION
Open the file @var{filename} with the target @var{target}.
SYNOPSIS
bfd *bfd_openstreamr (const char * filename, const char * target,
- void * stream);
+ void * stream);
DESCRIPTION
Open a BFD for read access on an existing stdio stream. When
bfd_openr_iovec
SYNOPSIS
- bfd *bfd_openr_iovec (const char *filename, const char *target,
- void *(*open_func) (struct bfd *nbfd,
- void *open_closure),
- void *open_closure,
- file_ptr (*pread_func) (struct bfd *nbfd,
- void *stream,
- void *buf,
- file_ptr nbytes,
- file_ptr offset),
- int (*close_func) (struct bfd *nbfd,
- void *stream),
+ bfd *bfd_openr_iovec (const char *filename, const char *target,
+ void *(*open_func) (struct bfd *nbfd,
+ void *open_closure),
+ void *open_closure,
+ file_ptr (*pread_func) (struct bfd *nbfd,
+ void *stream,
+ void *buf,
+ file_ptr nbytes,
+ file_ptr offset),
+ int (*close_func) (struct bfd *nbfd,
+ void *stream),
int (*stat_func) (struct bfd *abfd,
- void *stream,
- struct stat *sb));
+ void *stream,
+ struct stat *sb));
DESCRIPTION
- Create and return a BFD backed by a read-only @var{stream}.
- The @var{stream} is created using @var{open_func}, accessed using
- @var{pread_func} and destroyed using @var{close_func}.
+ Create and return a BFD backed by a read-only @var{stream}.
+ The @var{stream} is created using @var{open_func}, accessed using
+ @var{pread_func} and destroyed using @var{close_func}.
Calls <<bfd_find_target>>, so @var{target} is interpreted as by
that function.
int prot ATTRIBUTE_UNUSED,
int flags ATTRIBUTE_UNUSED,
file_ptr offset ATTRIBUTE_UNUSED,
- void **map_addr ATTRIBUTE_UNUSED,
- bfd_size_type *map_len ATTRIBUTE_UNUSED)
+ void **map_addr ATTRIBUTE_UNUSED,
+ bfd_size_type *map_len ATTRIBUTE_UNUSED)
{
return (void *) -1;
}
bfd_byte *contents;
unsigned int crc_offset;
char *name;
+ bfd_size_type size;
BFD_ASSERT (abfd);
BFD_ASSERT (crc32_out);
if (sect == NULL)
return NULL;
+ size = bfd_get_section_size (sect);
+
+ /* PR 22794: Make sure that the section has a reasonable size. */
+ if (size < 8 || size >= bfd_get_size (abfd))
+ return NULL;
+
if (!bfd_malloc_and_get_section (abfd, sect, &contents))
{
if (contents != NULL)
/* CRC value is stored after the filename, aligned up to 4 bytes. */
name = (char *) contents;
- /* PR 17597: avoid reading off the end of the buffer. */
- crc_offset = strnlen (name, bfd_get_section_size (sect)) + 1;
+ /* PR 17597: Avoid reading off the end of the buffer. */
+ crc_offset = strnlen (name, size) + 1;
crc_offset = (crc_offset + 3) & ~3;
- if (crc_offset >= bfd_get_section_size (sect))
+ if (crc_offset + 4 > size)
return NULL;
*crc32 = bfd_get_32 (abfd, contents + crc_offset);
SYNOPSIS
char *bfd_get_alt_debug_link_info (bfd * abfd,
bfd_size_type *buildid_len,
- bfd_byte **buildid_out);
+ bfd_byte **buildid_out);
DESCRIPTION
Fetch the filename and BuildID value for any alternate debuginfo
bfd_byte *contents;
unsigned int buildid_offset;
char *name;
+ bfd_size_type size;
BFD_ASSERT (abfd);
BFD_ASSERT (buildid_len);
if (sect == NULL)
return NULL;
+ size = bfd_get_section_size (sect);
+ if (size < 8 || size >= bfd_get_size (abfd))
+ return NULL;
+
if (!bfd_malloc_and_get_section (abfd, sect, & contents))
{
if (contents != NULL)
/* BuildID value is stored after the filename. */
name = (char *) contents;
- buildid_offset = strnlen (name, bfd_get_section_size (sect)) + 1;
+ buildid_offset = strnlen (name, size) + 1;
if (buildid_offset >= bfd_get_section_size (sect))
return NULL;
- *buildid_len = bfd_get_section_size (sect) - buildid_offset;
+ *buildid_len = size - buildid_offset;
*buildid_out = bfd_malloc (*buildid_len);
memcpy (*buildid_out, contents + buildid_offset, *buildid_len);
typedef bfd_boolean (* check_func_type) (const char *, void *);
static char *
-find_separate_debug_file (bfd * abfd,
- const char * debug_file_directory,
- bfd_boolean include_dirs,
- get_func_type get_func,
+find_separate_debug_file (bfd * abfd,
+ const char * debug_file_directory,
+ bfd_boolean include_dirs,
+ get_func_type get_func,
check_func_type check_func,
- void * func_data)
+ void * func_data)
{
char *base;
char *dir;
debugfile = (char *)
bfd_malloc (strlen (debug_file_directory) + 1
- + (canon_dirlen > dirlen ? canon_dirlen : dirlen)
- + strlen (".debug/")
+ + (canon_dirlen > dirlen ? canon_dirlen : dirlen)
+ + strlen (".debug/")
#ifdef EXTRA_DEBUG_ROOT1
+ strlen (EXTRA_DEBUG_ROOT1)
#endif
#ifdef EXTRA_DEBUG_ROOT2
+ strlen (EXTRA_DEBUG_ROOT2)
#endif
- + strlen (base)
- + 1);
+ + strlen (base)
+ + 1);
if (debugfile == NULL)
goto found; /* Actually this returns NULL. */
inote.descdata = inote.namedata + BFD_ALIGN (inote.namesz, 4);
/* FIXME: Should we check for extra notes in this section ? */
- if (inote.descsz == 0
+ if (inote.descsz <= 0
|| inote.type != NT_GNU_BUILD_ID
|| inote.namesz != 4 /* sizeof "GNU" */
|| strncmp (inote.namedata, "GNU", 4) != 0
+ || inote.descsz > 0x7ffffffe
|| size < (12 + BFD_ALIGN (inote.namesz, 4) + inote.descsz))
{
free (contents);