[Bug binutils/17512] segfault in PE parser / _bfd_pei_swap_aouthdr_in

[cvs-commit at gcc dot gnu.org]

https://sourceware.org/bugzilla/show_bug.cgi?id=17512

--- Comment #82 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot 
gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "gdb and binutils".

The branch, master has been updated
       via  f41e4712a7b7ac60f181e7dfc984ca35c222f0d7 (commit)
      from  40e91bc71f7993f2064cec4ffd007f2c814a1b29 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f41e4712a7b7ac60f181e7dfc984ca35c222f0d7

commit f41e4712a7b7ac60f181e7dfc984ca35c222f0d7
Author: Nick Clifton <address@hidden>
Date:   Wed Nov 12 22:39:58 2014 +0000

    Fix more memory faults uncovered by fuzzing various executables.

        PR binutils/17512
        * dwarf.c (read_and_display_attr_value): Check that we do not read
        past end.
        (display_debug_pubnames_worker): Add range checks.
        (process_debug_info): Check for invalid pointer sizes.
        (display_loc_list): Likewise.
        (display_loc_list_dwo): Likewise.
        (display_debug_ranges): Likewise.
        (display_debug_aranges): Check for invalid address size.
        (read_cie): Add range checks.  Replace call strchr with while loop.
        * objdump.c (dump_dwarf): Replace abort with a warning message.
        (print_section_stabs): Improve range checks.
        * rdcoff.c (coff_get_slot): Use long for indx parameter type.
        Add check for an excesively large index.
        * rddbg.c (read_section_stabs_debugging_info): Zero terminate the
        string table.  Avoid walking off the end of the stabs data.
        * stabs.c (parse_stab_string): Add check for a NULL name.

        PR binutils/17512
        * coffcode.h (coff_slurp_line_table): Set the line number of
        corrupt entries to -1.
        (coff_slurp_symbol_table): Alway initialise the value of the
        symbol.
        * coffgen.c (coff_print_symbol): Check that the combined pointer
        is valid.
        (coff_print_symbol): Do not print negative line numbers.
        * peXXigen.c (pe_print_idata): Add range checking displaying
        member names.

-----------------------------------------------------------------------

Summary of changes:
 bfd/ChangeLog      |   13 +++++
 bfd/coffcode.h     |   14 ++++-
 bfd/coffgen.c      |   15 +++++-
 bfd/peXXigen.c     |   25 ++++++---
 binutils/ChangeLog |   20 +++++++
 binutils/dwarf.c   |  144 +++++++++++++++++++++++++++++++++++++++-------------
 binutils/objdump.c |   16 ++++--
 binutils/rdcoff.c  |    9 +++-
 binutils/rddbg.c   |   40 +++++++++-----
 binutils/stabs.c   |   30 +++++++----
 10 files changed, 244 insertions(+), 82 deletions(-)

-- 
You are receiving this mail because:
You are on the CC list for the bug.