| Patrick Williams | 821a859 | 2023-05-02 15:26:54 -0500 | [diff] [blame^] | 1 | From 4b8386a90802ed8e43eac2266f6e03c92b4462ed Mon Sep 17 00:00:00 2001 |
| 2 | From: Nick Clifton <nickc@redhat.com> |
| 3 | Date: Fri, 23 Dec 2022 13:02:04 +0000 |
| 4 | Subject: [PATCH] Fix illegal memory access parsing corrupt DWARF information. |
| 5 | |
| 6 | PR 29936 |
| 7 | * dwarf2.c (concat_filename): Fix check for a directory index off |
| 8 | the end of the directory table. |
| 9 | |
| 10 | Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=8af23b30edbaedf009bc9b243cd4dfa10ae1ac09] |
| 11 | CVE: CVE-2023-22608 |
| 12 | |
| 13 | Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com> |
| 14 | |
| 15 | --- |
| 16 | bfd/dwarf2.c | 3 ++- |
| 17 | 1 file changed, 2 insertions(+), 1 deletion(-) |
| 18 | |
| 19 | diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c |
| 20 | index b7839ad6..8b07a24c 100644 |
| 21 | --- a/bfd/dwarf2.c |
| 22 | +++ b/bfd/dwarf2.c |
| 23 | @@ -1828,7 +1828,8 @@ concat_filename (struct line_info_table *table, unsigned int file) |
| 24 | |
| 25 | if (table->files[file].dir |
| 26 | /* PR 17512: file: 0317e960. */ |
| 27 | - && table->files[file].dir <= table->num_dirs |
| 28 | + && table->files[file].dir |
| 29 | + <= (table->use_dir_and_file_0 ? table->num_dirs - 1 : table->num_dirs) |
| 30 | /* PR 17512: file: 7f3d2e4b. */ |
| 31 | && table->dirs != NULL) |
| 32 | { |