/* If the size_t type is smaller than the bfd_size_type, eg because
you are building a 32-bit tool on a 64-bit host, then make sure
that when the sizes are cast to (size_t) no information is lost. */
- if (sizeof (size_t) < sizeof (bfd_size_type)
- && ( (bfd_size_type) ((size_t) size) != size
- || (bfd_size_type) ((size_t) nmemb) != nmemb))
+ if ((size_t) size != size
+ || (size_t) nmemb != nmemb
+ || (size_t) amt != amt)
{
if (reason)
error (_("Size truncation prevents reading %s"
}
/* Check for size overflow. */
- if (amt < nmemb)
+ if (amt / size != nmemb || (size_t) amt + 1 == 0)
{
if (reason)
error (_("Size overflow prevents reading %s"
mvar = var;
if (mvar == NULL)
{
- /* Check for overflow. */
- if (nmemb < (~(bfd_size_type) 0 - 1) / size)
- /* + 1 so that we can '\0' terminate invalid string table sections. */
- mvar = malloc ((size_t) amt + 1);
+ /* + 1 so that we can '\0' terminate invalid string table sections. */
+ mvar = malloc ((size_t) amt + 1);
if (mvar == NULL)
{
}
offset -= aux->info_addr;
/* PR 17531: file: 0997b4d1. */
- if (offset >= aux->info_size)
+ if (offset >= aux->info_size
+ || aux->info_size - offset < 8)
{
warn (_("Invalid offset %lx in table entry %ld\n"),
(long) tp->info.offset, (long) (tp - aux->table));
}
rloc = start + rp->r_offset;
- if ((rloc + reloc_size) > end || (rloc < start))
+ if (rloc >= end || (rloc + reloc_size) > end || (rloc < start))
{
warn (_("skipping invalid relocation offset 0x%lx in section %s\n"),
(unsigned long) rp->r_offset,
printf (_(" description data: "));
for (i = 0; i < pnote->descsz; i++)
- printf ("%02x ", pnote->descdata[i]);
+ printf ("%02x ", pnote->descdata[i] & 0xff);
if (!do_wide)
printf ("\n");
}