Avoid coff OOM
bfd_zalloc/bfd_zmalloc to fix uninitialized memory reads is too big a
hammer, when the size allocated depends on user input. A typical
bfd_alloc, bfd_seek, bfd_bread sequence will give an error or warning
at the point the file read fails when some enormous item as described
by headers is not actually present in the file. Nice operating system
allow memory overcommit. But not if you write to the memory. So
bfd_zalloc can cause an OOM, thrashing, or system hangs.
The patch also fixes a recently introduced endless loop on bad input.
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Don't bfd_zalloc, just
memset the particular bits we need. Update src after hitting loop
"continue". Don't count lineno omitted due to invalid symbols in
nbr_func, and update lineno_count. Init entire terminating
lineno. Don't both allocating terminator in n_lineno_cache.
Redirect sym->lineno pointer to where n_lineno_cache will be
copied, and free n_lineno_cache.
* pe-mips.c (NUM_HOWTOS): Typo fix.
This page took 0.024329 seconds and 4 git commands to generate.
projects / deliverable / binutils-gdb.git / commit
