rpms / mingw-binutils

Clone
Source Code
GIT

Blame SOURCES/CVE-2022-38533.patch

c8 c8-beta c8s c9 c9-beta
  1.   82154a5af490e92f4c6c2b48168ffbab6d1c2f63
  2.   SOURCES
  3.   CVE-2022-38533.patch
Blob History Raw
82154a 
diff -rupN --no-dereference binutils-2.39/bfd/coffcode.h binutils-2.39-new/bfd/coffcode.h
82154a 
--- binutils-2.39/bfd/coffcode.h	2022-07-08 11:46:47.000000000 +0200
82154a 
+++ binutils-2.39-new/bfd/coffcode.h	2022-10-30 12:41:41.408023817 +0100
82154a 
@@ -4284,10 +4284,13 @@ coff_set_section_contents (bfd * abfd,
82154a
82154a 
 	rec = (bfd_byte *) location;
82154a 
 	recend = rec + count;
82154a 
-	while (rec < recend)
82154a 
+	while (recend - rec >= 4)
82154a 
 	  {
82154a 
+	    size_t len = bfd_get_32 (abfd, rec);
82154a 
+	    if (len == 0 || len > (size_t) (recend - rec) / 4)
82154a 
+	      break;
82154a 
+	    rec += len * 4;
82154a 
 	    ++section->lma;
82154a 
-	    rec += bfd_get_32 (abfd, rec) * 4;
82154a 
 	  }
82154a
82154a 
 	BFD_ASSERT (rec == recend);

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation