[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug binutils/29653] objcopy/strip: fuzzed small input file induces larg
From: |
cvs-commit at gcc dot gnu.org |
Subject: |
[Bug binutils/29653] objcopy/strip: fuzzed small input file induces large output file |
Date: |
Fri, 07 Oct 2022 03:10:15 +0000 |
https://sourceware.org/bugzilla/show_bug.cgi?id=29653
--- Comment #2 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot
gnu.org> ---
The master branch has been updated by Alan Modra <amodra@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ea4e4a19b7f6c192c307b5a37c67d141f3aea074
commit ea4e4a19b7f6c192c307b5a37c67d141f3aea074
Author: Alan Modra <amodra@gmail.com>
Date: Fri Oct 7 10:23:05 2022 +1030
PR29653, objcopy/strip: fuzzed small input file induces large output file
_bfd_check_format functions should not print errors or warnings if
they return NULL. A NULL return means the particular target under
test does not match, so there isn't any reason to make a complaint
about the target. In fact there isn't a good reason to warn even if
the target matches, except via the _bfd_per_xvec_warn mechanism; Some
other target might be a better match.
This patch tidies pe_bfd_object_p with the above in mind, and
restricts the PE optional header SectionAlignment and FileAlignment
fields somewhat. I chose to warn on nonsense values rather than
refusing to match. Refusing to match would be OK too.
PR 29653
* peXXigen.c (_bfd_XXi_swap_aouthdr_in): Don't emit error about
invalid NumberOfRvaAndSizes here. Limit loop copying data
directory to IMAGE_NUMBEROF_DIRECTORY_ENTRIES.
* peicode.h (pe_bfd_object_p): Don't clear and test bfd_error
around bfd_coff_swap_aouthdr_in. Warn on invalid SectionAlignment,
FileAlignment and NumberOfRvaAndSizes. Don't return NULL on
invalid NumberOfRvaAndSizes.
--
You are receiving this mail because:
You are on the CC list for the bug.