X-Git-Url: https://oss.titaniummirror.com/gitweb?p=msp430-binutils.git;a=blobdiff_plain;f=debian%2Fpatches%2F312_pr5011.dpatch;fp=debian%2Fpatches%2F312_pr5011.dpatch;h=9eaec424a3d1d6fe77d07271c49b1f44b72b198f;hp=0000000000000000000000000000000000000000;hb=47f73751c91775676bb03af53e83c7f49dfda44f;hpb=6df9443a374e2b81278c61b8afc0a1eef7db280b diff --git a/debian/patches/312_pr5011.dpatch b/debian/patches/312_pr5011.dpatch new file mode 100755 index 0000000..9eaec42 --- /dev/null +++ b/debian/patches/312_pr5011.dpatch @@ -0,0 +1,158 @@ +#!/bin/sh -e +## 312_pr5011.dpatch +## +## DP: Description: Fix PR binutils/5011 +## DP: Upstream status: CVS head 20070908 + +if [ $# -ne 1 ]; then + echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" + exit 1 +fi + +[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts +patch_opts="${patch_opts:--f --no-backup-if-mismatch}" + +case "$1" in + -patch) patch $patch_opts -p1 < $0;; + -unpatch) patch $patch_opts -p1 -R < $0;; + *) + echo >&2 "`basename $0`: script expects -patch|-unpatch as argument" + exit 1;; +esac + +exit 0 + + + PR binutils/5011 + * readelf.c (process_version_sections): Don't read past end of + various section buffers. + +@DPATCH@ +Index: ./binutils/readelf.c +=================================================================== +RCS file: /cvs/src/src/binutils/readelf.c,v +retrieving revision 1.376 +diff -u -p -r1.376 readelf.c +--- ./binutils/readelf.c 30 Aug 2007 13:47:35 -0000 1.376 ++++ ./binutils/readelf.c 10 Sep 2007 08:59:40 -0000 +@@ -6454,6 +6454,7 @@ process_version_sections (FILE *file) + Elf_External_Verdef *edefs; + unsigned int idx; + unsigned int cnt; ++ char *endbuf; + + found = 1; + +@@ -6473,6 +6474,7 @@ process_version_sections (FILE *file) + edefs = get_data (NULL, file, section->sh_offset, 1, + section->sh_size, + _("version definition section")); ++ endbuf = (char *) edefs + section->sh_size; + if (!edefs) + break; + +@@ -6487,6 +6489,8 @@ process_version_sections (FILE *file) + int isum; + + vstart = ((char *) edefs) + idx; ++ if (vstart + sizeof (*edef) > endbuf) ++ break; + + edef = (Elf_External_Verdef *) vstart; + +@@ -6524,6 +6528,8 @@ process_version_sections (FILE *file) + vstart += aux.vda_next; + + eaux = (Elf_External_Verdaux *) vstart; ++ if (vstart + sizeof (*eaux) > endbuf) ++ break; + + aux.vda_name = BYTE_GET (eaux->vda_name); + aux.vda_next = BYTE_GET (eaux->vda_next); +@@ -6535,9 +6541,13 @@ process_version_sections (FILE *file) + printf (_(" %#06x: Parent %d, name index: %ld\n"), + isum, j, aux.vda_name); + } ++ if (j < ent.vd_cnt) ++ printf (_(" Version def aux past end of section\n")); + + idx += ent.vd_next; + } ++ if (cnt < section->sh_info) ++ printf (_(" Version definition past end of section\n")); + + free (edefs); + } +@@ -6548,6 +6558,7 @@ process_version_sections (FILE *file) + Elf_External_Verneed *eneed; + unsigned int idx; + unsigned int cnt; ++ char *endbuf; + + found = 1; + +@@ -6566,6 +6577,7 @@ process_version_sections (FILE *file) + eneed = get_data (NULL, file, section->sh_offset, 1, + section->sh_size, + _("version need section")); ++ endbuf = (char *) eneed + section->sh_size; + if (!eneed) + break; + +@@ -6578,6 +6590,8 @@ process_version_sections (FILE *file) + char *vstart; + + vstart = ((char *) eneed) + idx; ++ if (vstart + sizeof (*entry) > endbuf) ++ break; + + entry = (Elf_External_Verneed *) vstart; + +@@ -6603,6 +6617,8 @@ process_version_sections (FILE *file) + Elf_External_Vernaux *eaux; + Elf_Internal_Vernaux aux; + ++ if (vstart + sizeof (*eaux) > endbuf) ++ break; + eaux = (Elf_External_Vernaux *) vstart; + + aux.vna_hash = BYTE_GET (eaux->vna_hash); +@@ -6624,9 +6640,13 @@ process_version_sections (FILE *file) + isum += aux.vna_next; + vstart += aux.vna_next; + } ++ if (j < ent.vn_cnt) ++ printf (_(" Version need aux past end of section\n")); + + idx += ent.vn_next; + } ++ if (cnt < section->sh_info) ++ printf (_(" Version need past end of section\n")); + + free (eneed); + } +@@ -6771,7 +6791,10 @@ process_version_sections (FILE *file) + { + ivna.vna_name = BYTE_GET (evna.vna_name); + +- name = strtab + ivna.vna_name; ++ if (ivna.vna_name >= string_sec->sh_size) ++ name = _("*invalid*"); ++ else ++ name = strtab + ivna.vna_name; + nn += printf ("(%s%-*s", + name, + 12 - (int) strlen (name), +@@ -6823,7 +6846,10 @@ process_version_sections (FILE *file) + + ivda.vda_name = BYTE_GET (evda.vda_name); + +- name = strtab + ivda.vda_name; ++ if (ivda.vda_name >= string_sec->sh_size) ++ name = _("*invalid*"); ++ else ++ name = strtab + ivda.vda_name; + nn += printf ("(%s%-*s", + name, + 12 - (int) strlen (name), +