| From da928f639002002dfc649ed9f50492d5d6cb4cee Mon Sep 17 00:00:00 2001 |
| From: Nick Clifton <nickc@redhat.com> |
| Date: Mon, 5 Dec 2022 11:11:44 +0000 |
| Subject: [PATCH] Fix an illegal memory access when parsing a corrupt VMS Alpha |
| file. |
| MIME-Version: 1.0 |
| Content-Type: text/plain; charset=UTF-8 |
| Content-Transfer-Encoding: 8bit |
| |
| Fix an illegal memory access when parsing a corrupt VMS Alpha file. |
| |
| PR 29848 |
| * vms-alpha.c (parse_module): Fix potential out of bounds memory |
| access. |
| |
| Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=942fa4fb32738ecbb447546d54f1e5f0312d2ed4] |
| |
| CVE: CVE-2023-25584 |
| |
| Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> |
| |
| --- |
| bfd/vms-alpha.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| diff --git a/bfd/vms-alpha.c b/bfd/vms-alpha.c |
| index c548722c..53b3f1bf 100644 |
| --- a/bfd/vms-alpha.c |
| +++ b/bfd/vms-alpha.c |
| @@ -4361,7 +4361,7 @@ parse_module (bfd *abfd, struct module *module, unsigned char *ptr, |
| return false; |
| module->line_table = curr_line; |
| |
| - while (length == -1 || ptr < maxptr) |
| + while (length == -1 || (ptr + 3) < maxptr) |
| { |
| /* The first byte is not counted in the recorded length. */ |
| int rec_length = bfd_getl16 (ptr) + 1; |