Google Git
Sign in
gnu/binutils-gdb/2bda15d73cb1d6c4e3db402682d4c11a94d96b7b
commit
2bda15d73cb1d6c4e3db402682d4c11a94d96b7b
[log]
author
Alan Modra <amodra@gmail.com>
Wed Aug 17 15:43:25 2022 +0930
committer
Alan Modra <amodra@gmail.com>
Wed Aug 17 16:32:04 2022 +0930
tree
d06520d45c06bd156dd00a2ef3445e1f2d035a27
parent
11c6a7c6232c2fcd23058dcb9ac7909e491e02bc [diff]
asan: heap buffer overflow in mmo_scan

mmo_get_loc needs to handle arbitrary vma and size chunks.  Fuzzers
found that it wasn't working so well when the end of chunks were
getting close to address wrap-around.

	* mmo.c (mmo_get_loc): Make "size" unsigned.  Avoid arithmetic
	overflow when calculating whether range hits an existing chunk.
1 file changed
tree: d06520d45c06bd156dd00a2ef3445e1f2d035a27
  1. bfd/
  2. binutils/
  3. config/
  4. contrib/
  5. cpu/
  6. elfcpp/
  7. etc/
  8. gas/
  9. gdb/
  10. gdbserver/
  11. gdbsupport/
  12. gnulib/
  13. gold/
  14. gprof/
  15. gprofng/
  16. include/
  17. intl/
  18. ld/
  19. libbacktrace/
  20. libctf/
  21. libdecnumber/
  22. libiberty/
  23. opcodes/
  24. readline/
  25. sim/
  26. texinfo/
  27. zlib/
  28. .cvsignore
  29. .editorconfig
  30. .gitattributes
  31. .gitignore
  32. ar-lib
  33. ChangeLog
  34. compile
  35. config-ml.in
  36. config.guess
  37. config.rpath
  38. config.sub
  39. configure
  40. configure.ac
  41. COPYING
  42. COPYING.LIB
  43. COPYING.LIBGLOSS
  44. COPYING.NEWLIB
  45. COPYING3
  46. COPYING3.LIB
  47. depcomp
  48. djunpack.bat
  49. install-sh
  50. libtool.m4
  51. ltgcc.m4
  52. ltmain.sh
  53. ltoptions.m4
  54. ltsugar.m4
  55. ltversion.m4
  56. lt~obsolete.m4
  57. MAINTAINERS
  58. Makefile.def
  59. Makefile.in
  60. Makefile.tpl
  61. makefile.vms
  62. missing
  63. mkdep
  64. mkinstalldirs
  65. move-if-change
  66. multilib.am
  67. README
  68. README-maintainer-mode
  69. setup.com
  70. src-release.sh
  71. symlink-tree
  72. test-driver
  73. ylwrap