PR27291, integer overflow in bfd_get_section_contents Makes the code a little more elegant too. Note that the unsigned overflow reported here is well defined so this patch doesn't fix any real problem. PR 27291 * section.c (bfd_get_section_contents): Avoid possible overflow when range checking offset and count. (bfd_set_section_contents): Likewise.

commit: 6db658c517bdfbf8e5b8c5a34caf3ff1eea332f1 [log] [tgz]
author: Alan Modra <amodra@gmail.com> Thu Feb 11 09:53:17 2021 +1030
committer: Alan Modra <amodra@gmail.com> Thu Feb 11 11:58:19 2021 +1030
tree: c4033214b990c8c2cc35baf32de1e1c1bba9d4d2
parent: 160fe1933736c123e15199080874fcab8b9ecc65 [diff] [blame]
diff --git a/bfd/section.c b/bfd/section.c
index 3e6ba0c..059b6fa 100644
--- a/bfd/section.c
+++ b/bfd/section.c

@@ -1498,8 +1498,7 @@
 
   sz = section->size;
   if ((bfd_size_type) offset > sz
-      || count > sz
-      || offset + count > sz
+      || count > sz - offset
       || count != (size_t) count)
     {
       bfd_set_error (bfd_error_bad_value);
@@ -1569,8 +1568,7 @@
   else
     sz = section->size;
   if ((bfd_size_type) offset > sz
-      || count > sz
-      || offset + count > sz
+      || count > sz - offset
       || count != (size_t) count)
     {
       bfd_set_error (bfd_error_bad_value);
commit	6db658c517bdfbf8e5b8c5a34caf3ff1eea332f1	[log] [tgz]
author	Alan Modra <amodra@gmail.com>	Thu Feb 11 09:53:17 2021 +1030
committer	Alan Modra <amodra@gmail.com>	Thu Feb 11 11:58:19 2021 +1030
tree	c4033214b990c8c2cc35baf32de1e1c1bba9d4d2
parent	160fe1933736c123e15199080874fcab8b9ecc65 [diff] [blame]